CVE-2015-20116 in RealtyScriptinformation

Résumé

par MITRE • 16/03/2026

Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize CSV file uploads, allowing attackers to inject malicious scripts through filename parameters in multipart form data. Attackers can upload files with XSS payloads in the filename field to execute arbitrary JavaScript in users' browsers when the file is processed or displayed.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

VulnCheck

Réserver

15/03/2026

Divulgation

16/03/2026

Modérer

accepté

Entrée

VDB-351162

CPE

prêt

CWE

CWE-79 (confirmé)

Exploitation

Télécharger

CVSS

6.1 (NVD)

EPSS

0.00051

KEV

non

Activités

très faible

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-20116
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-20116
CVE Details	https://www.cvedetails.com/cve/CVE-2015-20116/

◂ Précédent Aperçu Suivant ▸

Might our Artificial Intelligence support you?

Check our Alexa App!