CVE-2015-20113
Awaiting Analysis - Queue
Persistent XSS and CSRF in RealtyScript 4.0.2 Enable Admin Actions

Publication date: 2026-03-16

Last updated on: 2026-03-19

Assigner: VulnCheck

Description
Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow attackers to perform administrative actions and inject malicious scripts. Attackers can craft malicious web pages that execute unauthorized actions when logged-in users visit them, or inject persistent scripts that execute in the application context.
Meta Information
Published: 2026-03-16
Last Modified: 2026-03-19
Generated: 2026-06-16
AI Q&A: 2026-03-16
EPSS Evaluated: 2026-06-14
Affected Vendors & Products
Vendor: nextclickventures, Product: realtyscript, Version / Range: 4.0.2
CWE-352: The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Executive Summary

The vulnerability in RealtyScript version 4.0.2 involves multiple security issues including Cross-Site Request Forgery (CSRF) and persistent Cross-Site Scripting (XSS). Attackers can exploit these flaws because the application does not properly validate HTTP requests or sanitize user inputs. This allows attackers to perform unauthorized administrative actions if a logged-in user visits a malicious website, and to inject persistent malicious scripts that execute within the context of the affected site.

  • CSRF enables attackers to trick logged-in users into executing unwanted actions with administrative privileges.
  • Persistent XSS vulnerabilities allow attackers to inject arbitrary HTML and JavaScript code that runs in the application context, potentially compromising user sessions and site integrity.
Impact Analysis

This vulnerability can have serious impacts including unauthorized administrative actions and persistent malicious code execution within the application. Specifically, attackers can:

  • Add new users with administrative privileges without authorization.
  • Create superuser accounts that have elevated privileges.
  • Inject and execute arbitrary scripts that can hijack user sessions, deface the website, or embed malicious content.
  • Compromise the integrity and security of the affected real estate software, potentially leading to data breaches or unauthorized access.
Compliance Impact

I don't know

Detection Guidance

Detection of this vulnerability involves identifying attempts to exploit Cross-Site Request Forgery (CSRF) and persistent Cross-Site Scripting (XSS) in RealtyScript 4.0.2. You can monitor HTTP requests for suspicious POST parameters such as "file", "location_name", and "text" that may contain malicious scripts or forged requests targeting administrative actions.

Specifically, you can look for POST requests to endpoints like "admin/addusers.php" and "admin/editadmins.php" that attempt to add or modify users with elevated privileges without proper authorization.

Commands to detect such activity might include using network traffic analysis tools or web server logs to filter for suspicious POST requests. For example, using grep on web server logs:

  • grep -i 'POST /admin/addusers.php' /var/log/httpd/access_log
  • grep -i 'POST /admin/editadmins.php' /var/log/httpd/access_log
  • grep -iE 'file=|location_name=|text=' /var/log/httpd/access_log

Additionally, you can use web vulnerability scanners or proxy tools (like Burp Suite) to test for CSRF tokens and input sanitization on these parameters to confirm the presence of the vulnerability. [1, 2]
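The grep commands above flag every POST to the two admin endpoints, including legitimate ones. The following added example (not part of this record or of RealtyScript) goes one step further: it parses httpd combined-format access-log lines and flags admin POSTs whose Referer is missing or from another origin, which is the CSRF pattern described here, plus the named parameters when they appear in the query string. The log lines and the site name realty.example are constructed for the demonstration.

```python
import re
from urllib.parse import urlsplit

# Apache/httpd combined log format: ip ident user [time] "METHOD PATH PROTO" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)
# Administrative endpoints and parameters named in the detection guidance above.
ADMIN_ENDPOINTS = ("/admin/addusers.php", "/admin/editadmins.php")
SUSPECT_PARAMS = ("file", "location_name", "text")

def parse_line(line):
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def classify(entry, site_host):
    """Return the reasons an entry looks like a forged or injected admin request."""
    reasons = []
    url = urlsplit(entry["path"])
    if entry["method"] != "POST" or not url.path.endswith(ADMIN_ENDPOINTS):
        return reasons
    # CSRF heuristic: a genuine admin form submission carries a same-site Referer.
    # Browsers may strip Referer, so "absent" is suspicious rather than proven.
    ref_host = urlsplit(entry["referer"]).hostname if entry["referer"] not in ("", "-") else None
    if ref_host is None:
        reasons.append("admin POST without Referer")
    elif ref_host != site_host.lower():
        reasons.append(f"admin POST with cross-origin Referer {ref_host}")
    # Access logs only show the query string; POST bodies need the application's own logging.
    for p in SUSPECT_PARAMS:
        if re.search(rf"(^|&){p}=", url.query):
            reasons.append(f"suspect parameter '{p}' in query string")
    return reasons

def scan(lines, site_host):
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry and (reasons := classify(entry, site_host)):
            hits.append((entry["ip"], entry["path"], reasons))
    return hits

# Constructed sample log lines (not real traffic); realty.example is the protected site.
SAMPLE_LOG = """\
203.0.113.5 - - [16/Mar/2026:10:00:01 +0000] "POST /admin/addusers.php HTTP/1.1" 302 0 "http://evil.example/csrf.html" "Mozilla/5.0"
198.51.100.7 - - [16/Mar/2026:10:01:02 +0000] "POST /admin/addusers.php HTTP/1.1" 302 0 "http://realty.example/admin/addusers.php" "Mozilla/5.0"
203.0.113.5 - - [16/Mar/2026:10:02:03 +0000] "POST /admin/editadmins.php?text=%3Cscript%3E HTTP/1.1" 200 512 "-" "curl/8.0"
198.51.100.9 - - [16/Mar/2026:10:03:04 +0000] "GET /admin/addusers.php HTTP/1.1" 200 1024 "http://realty.example/admin/" "Mozilla/5.0"
"""
```

Run `scan(SAMPLE_LOG.splitlines(), "realty.example")` to see the two flagged lines; a Referer check is only a triage signal, since a stored XSS on the same site would produce same-origin requests.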

Mitigation Strategies

Immediate mitigation steps include implementing proper CSRF protections and input validation/sanitization in the RealtyScript 4.0.2 application.

  • Add CSRF tokens to all forms and verify them on the server side to prevent unauthorized administrative actions.
  • Sanitize and validate all user-supplied input parameters, especially those like "file", "location_name", and "text", to prevent injection of malicious scripts.
  • Restrict administrative actions to authenticated and authorized users only, ensuring proper session management.
  • Monitor and block suspicious requests targeting administrative endpoints such as "admin/addusers.php" and "admin/editadmins.php".

If a patch or updated version from the vendor is available, apply it immediately. Since the vendor did not respond prior to the advisory release, consider applying custom fixes or using web application firewalls (WAF) to block exploit attempts. [1, 2]
