CodeAstro Real Estate Management System propertyview.php cross site scripting

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /propertyview.php. Such manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.

Basic Information

ID CVE-2025-9939

Source VulDB

Published Sep 4, 2025 at 00:02

Affected Product

Vendor CodeAstro

Product Real Estate Management System

Version 1.0

Affected Versions CodeAstro Real Estate Management System 1.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /propertyview.php. Such manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.",
    "published": "2025-09-04T00:02:06.522Z",
    "modified": "2025-09-04T00:02:06.522Z",
    "type": "cve",
    "title": "CodeAstro Real Estate Management System propertyview.php cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.322341\nhttps://vuldb.com/?ctiid.322341\nhttps://vuldb.com/?submit.643540\nhttps://github.com/YZS17/CVE/blob/main/CodeAstro_Real_Estate_Management_System/admin_propertyview.php_xss.md\nhttps://codeastro.com/",
    "id": "CVE-2025-9939",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "CodeAstro Real Estate Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Real Estate Management System",
    "version": "1.0",
    "vendor": "CodeAstro",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

CodeAstro Real Estate Management System propertyview.php cross site scripting_CVE-2025-9939