CVE-2015-20120 in RealtyScriptИнформация

Сводка

по MITRE • 16.03.2026

Next Click Ventures RealtyScript 4.0.2 contains multiple time-based blind SQL injection vulnerabilities that allow unauthenticated attackers to extract database information by injecting SQL code into application parameters. Attackers can craft requests with time-delay payloads to infer database contents character by character based on response timing differences.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

VulnCheck

Резервировать

15.03.2026

Раскрытие

16.03.2026

Модерация

принято

Вход

VDB-351171

CPE

готов

CWE

CWE-89 (Подтверждённый)

Эксплойт

Скачать

CVSS

9.8 (NVD)

EPSS

0.00492

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-20120
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-20120
CVE Details	https://www.cvedetails.com/cve/CVE-2015-20120/

◂ Предыдущий Обзор Далее ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!