CVE Daily

CVE-2019-20337

In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id...

High CVSS 7.2

Overview

In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection.

CWE: CWE-89 Published: 2020-01-05T22:15:11.487
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.2 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags