RSS   Vulnerabilities for 'Advanced real estate script'   RSS

2018-08-10
 
CVE-2018-15189

CWE-79
 

 
PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile.

 
 
CVE-2018-15188

CWE-119
 

 
PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile.

 
 
CVE-2018-15187

CWE-352
 

 
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.

 
2018-01-03
 
CVE-2018-5078

CWE-79
 

 
Online Ticket Booking has XSS via the admin/eventlist.php cast parameter.

 
 
CVE-2018-5077

CWE-79
 

 
Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter.

 
 
CVE-2018-5076

CWE-79
 

 
Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter.

 
 
CVE-2018-5075

CWE-79
 

 
Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter.

 
 
CVE-2018-5074

CWE-79
 

 
Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter.

 
 
CVE-2018-5073

CWE-352
 

 
Online Ticket Booking has CSRF via admin/movieedit.php.

 
 
CVE-2018-5072

CWE-79
 

 
Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter.

 


Copyright 2018, cxsecurity.com

 

Back to Top