advanced_real_estate_script_project 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は vendor risk sql injection、vendor risk csrf, and バッファオーバーフロー に関連することが多く、vendor surface production workloads and vendor surface software deployment の文脈で vendor impact data exposure and アプリケーションクラッシュ などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2019-20337 | In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection. | [email protected] | 7.2 | 0.27% | 2020-01-05 | 2024-11-21 |
| CVE-2019-20336 | In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-results.php searchtext parameter is vulnerable to XSS. | [email protected] | 6.1 | 0.33% | 2020-01-05 | 2024-11-21 |
| CVE-2018-15189 | PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile. | [email protected] | 5.4 | 0.21% | 2018-08-10 | 2024-11-21 |
| CVE-2018-15188 | PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile. | [email protected] | 6.5 | 0.14% | 2018-08-10 | 2024-11-21 |
| CVE-2018-15187 | PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php. | [email protected] | 8.0 | 0.14% | 2018-08-10 | 2024-11-21 |
| CVE-2018-5078 | Online Ticket Booking has XSS via the admin/eventlist.php cast parameter. | [email protected] | 4.8 | 0.22% | 2018-01-03 | 2024-11-21 |
| CVE-2018-5077 | Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter. | [email protected] | 4.8 | 0.22% | 2018-01-03 | 2024-11-21 |
| CVE-2018-5076 | Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter. | [email protected] | 4.8 | 0.22% | 2018-01-03 | 2024-11-21 |
| CVE-2018-5075 | Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter. | [email protected] | 4.8 | 0.22% | 2018-01-03 | 2024-11-21 |
| CVE-2018-5074 | Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter. | [email protected] | 4.8 | 0.22% | 2018-01-03 | 2024-11-21 |
| CVE-2018-5073 | Online Ticket Booking has CSRF via admin/movieedit.php. | [email protected] | 6.8 | 0.08% | 2018-01-03 | 2024-11-21 |
| CVE-2018-5072 | Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter. | [email protected] | 4.8 | 0.22% | 2018-01-03 | 2024-11-21 |
| CVE-2017-17603 | Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter. | [email protected] | 9.8 | 2.51% | 2017-12-13 | 2026-05-13 |