Nextclickventures Realtyscript — known CVE vulnerabilities
Every CVE whose affected-product data names Nextclickventures Realtyscript, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2015-20120 — CVSS 8.2 (high): Next Click Ventures RealtyScript 4.0.2 contains multiple time-based blind SQL injection vulnerabilities that allow unauthenticated…
CVE-2015-20121 — CVSS 8.2 (high): Next Click Ventures RealtyScript 4.0.2 contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database…
CVE-2015-20118 — CVSS 7.2 (high): Next Click Ventures RealtyScript 4.0.2 contains a stored cross-site scripting vulnerability in the location_name parameter of the admin…
CVE-2015-20115 — CVSS 7.2 (high): Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize file uploads, allowing attackers to store malicious scripts through the…
CVE-2015-20119 — CVSS 6.4 (medium): Next Click Ventures RealtyScript 4.0.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject…
CVE-2015-20116 — CVSS 6.1 (medium): Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize CSV file uploads, allowing attackers to inject malicious scripts through…
CVE-2015-20114 — CVSS 6.1 (medium): Next Click Ventures RealtyScript 4.0.2 contains a cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and…
CVE-2015-20117 — CVSS 5.3 (medium): Next Click Ventures RealtyScript 4.0.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create…
CVE-2015-20113 — CVSS 5.3 (medium): Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow…