CVE-2015-20115
Awaiting Analysis Awaiting Analysis - Queue
Stored Cross-Site Scripting in RealtyScript 4.0.2 File Uploads

Publication date: 2026-03-16

Last updated on: 2026-03-19

Assigner: VulnCheck

Description
Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize file uploads, allowing attackers to store malicious scripts through the file POST parameter in admin/tools.php. Attackers can upload files containing JavaScript code that executes in the context of admin/tools.php when accessed by other users.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-16
Last Modified
2026-03-19
Generated
2026-06-16
AI Q&A
2026-03-16
EPSS Evaluated
2026-06-14
NVD
CVE-2015-20115
EUVD
EUVD-2015-9411
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
nextclickventures realtyscript 4.0.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2015-20115 is a stored Cross-Site Scripting (XSS) vulnerability in RealtyScript version 4.0.2 and earlier. It occurs because the application fails to properly sanitize file uploads through the file POST parameter in the admin/tools.php script.

Attackers can exploit this vulnerability by uploading files containing malicious JavaScript code. This code is then stored on the server and executed in the context of admin/tools.php when accessed by other users.

Impact Analysis

This vulnerability allows attackers to execute malicious JavaScript code in the context of the vulnerable application for other users. This can lead to unauthorized actions such as stealing user session data, performing actions on behalf of users, or delivering further malicious payloads.

Because the attack requires low privileges and user interaction, it can be exploited relatively easily over the network, potentially compromising the security and integrity of user data and the application.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by monitoring for suspicious file uploads to the admin/tools.php endpoint, specifically files uploaded via the file POST parameter that may contain JavaScript code.'}, {'type': 'paragraph', 'content': 'One approach is to inspect uploaded files on the server for embedded JavaScript or other executable code that should not be present.'}, {'type': 'paragraph', 'content': 'Commands to help detect such files might include searching the upload directory for files containing <script> tags or JavaScript code patterns. For example, using grep on the server:'}, {'type': 'list_item', 'content': 'grep -r --include="*" "<script" /path/to/upload/directory'}, {'type': 'list_item', 'content': 'grep -r --include="*" "javascript:" /path/to/upload/directory'}, {'type': 'paragraph', 'content': 'Additionally, monitoring web server logs for POST requests to admin/tools.php with file uploads can help identify attempts to exploit this vulnerability.'}] [1]

Mitigation Strategies

Immediate mitigation steps include disabling or restricting file uploads to the admin/tools.php script until a proper fix is applied.

Implement strict validation and sanitization of uploaded files to ensure that no executable scripts or JavaScript code can be uploaded.

Limit access to the admin/tools.php page to trusted users only, and consider applying additional authentication or authorization controls.

Regularly review and remove any suspicious or unauthorized uploaded files from the server.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2015-20115. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart