CVE-2026-13559

Publié : 29 juin 2026

Modifié : 29 juin 2026

Score CVSS

7.3

HIGH

Description détaillée

A weakness has been identified in code-projects Real State Services 1.0. Impacted is an unknown function of the file /single-list_sale.php?action=add. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

Vecteur d'attaque (CVSS)

Vecteur brut :CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Références et Patchs

https://code-projects.org/https://github.com/6Justdododo6/CVE/issues/21 https://vuldb.com/cve/CVE-2026-13559 https://vuldb.com/submit/843782 https://vuldb.com/vuln/374567 https://vuldb.com/vuln/374567/cti

Dernières Vulnérabilités

CVE-2026-57525

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

VOIR DÉTAILS

CVE-2026-57523

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

VOIR DÉTAILS

CVE-2026-57341

Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 versions.

VOIR DÉTAILS