CVE-2015-20116 | Next Click Ventures RealtyScript 4.0.2 CSV File Parser filename cross site scripting (Exploit 38496)

Inserito da Angelo Barbosa | Mar 15, 2026 | CVE

A vulnerability classified as problematic has been found in Next Click Ventures RealtyScript 4.0.2. This affects an unknown function of the component CSV File Parser. The manipulation of the argument filename leads to cross site scripting.

This vulnerability is documented as CVE-2015-20116. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2015-20116 | Next Click Ventures RealtyScript 4.0.2 CSV File Parser filename cross site scripting (Exploit 38496)

Post correlati

CVE-2025-48070 | makeplane up to 0.22 default permission (GHSA-cjh4-q763-cc48)

CVE-2023-49760 | Giannopoulos Kostas WPsoonOnlinePage Plugin up to 1.9 on WordPress cross-site request forgery

CVE-2024-50065 | Linux Kernel up to 6.6.56/6.11.3 ntfs3 __get_name allocation of resources (c556e72cea2a/d0c710372e23/589996bf8c45)

CVE-2024-43309 | WP Socio WP Telegram Widget and Join Link Plugin up to 2.1.27 on WordPress cross site scripting