Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2022-31574

Disclosure Date: July 11, 2022 (last updated February 24, 2025)
The deepaliupadhyay/RealEstate repository through 2018-11-30 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2017-17909

Disclosure Date: December 27, 2017 (last updated November 26, 2024)
PHP Scripts Mall Responsive Realestate Script has XSS via the admin/general.php gplus parameter.
0
0
Attacker Value
Unknown

CVE-2017-17908

Disclosure Date: December 27, 2017 (last updated November 26, 2024)
PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general.
0
0
Attacker Value
Unknown

CVE-2017-17591

Disclosure Date: December 13, 2017 (last updated November 26, 2024)
Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.
0
0
Attacker Value
Unknown

CVE-2017-17628

Disclosure Date: December 13, 2017 (last updated November 26, 2024)
Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter.
0
0