What the vulnerability does
01Description
Incorrect Privilege Assignment vulnerability in contempoinc Real Estate 7 realestate-7 allows Privilege Escalation.This issue affects Real Estate 7: from n/a through <= 3.5.2.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
What the vulnerability does
Incorrect Privilege Assignment vulnerability in contempoinc Real Estate 7 realestate-7 allows Privilege Escalation.This issue affects Real Estate 7: from n/a through <= 3.5.2.
Explanation of Vulnerability in Simple Terms
Real Estate 7 versions 3.5.2 and earlier contain a vulnerability that allows unauthenticated attackers to read sensitive data, modify content, or disrupt service availability over the network. No special user interaction or configuration is required. The vulnerability affects the application's core functionality and can be exploited remotely without authentication.
What an attacker can do
Read sensitive data, modify content, or cause service disruption without authentication.
Potential impact on your site
Unauthorized users can access, modify, or disrupt your Real Estate 7 site without logging in.
Conditions required to exploit
Network access to the affected Real Estate 7 installation; no authentication required.
Key dates
External resources