Codeastro Real Estate Management System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Codeastro Real Estate Management System.
By the Year
In 2026 there have been 0 vulnerabilities in Codeastro Real Estate Management System. Last year, in 2025 Real Estate Management System had 10 security vulnerabilities published. Right now, Real Estate Management System is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 10 | 7.56 |
| 2024 | 5 | 6.90 |
It may take a day or so for new Real Estate Management System vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Codeastro Real Estate Management System Security Vulnerabilities
CodeAstro Real Estate MS 1.0 SQLi in Admin/UserDelete.php ID param
CVE-2025-14900
4.7 - Medium
- December 19, 2025
A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /admin/userdelete.php of the component Administrator Endpoint. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
SQL Injection
CodeAstro Real Estate Mgmt 1.0 SQLi via /admin/stateadd.php
CVE-2025-14899
4.7 - Medium
- December 19, 2025
A weakness has been identified in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /admin/stateadd.php of the component Administrator Endpoint. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
SQL Injection
CWE-89: CodeAstro Real Estate 1.0 Admin Endpoint SQLi via userbuilderdelete.php
CVE-2025-14898
4.7 - Medium
- December 18, 2025
A security flaw has been discovered in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /admin/userbuilderdelete.php of the component Administrator Endpoint. The manipulation results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
SQL Injection
CodeAstro RES 1.0: Remote SQLi in /admin/useragentdelete.php
CVE-2025-14897
4.7 - Medium
- December 18, 2025
A vulnerability was identified in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /admin/useragentdelete.php of the component Administrator Endpoint. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.
SQL Injection
CodeAstro RE System 1.0: SQLi via ID in submitpropertyupdate.php
CVE-2025-5611
8.8 - High
- June 04, 2025
A vulnerability, which was classified as critical, was found in CodeAstro Real Estate Management System 1.0. This affects an unknown part of the file /submitpropertyupdate.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
CodeAstro Real Estate Management System 1.0 SQLi via /submitpropertydelete.php
CVE-2025-5610
8.8 - High
- June 04, 2025
A vulnerability, which was classified as critical, has been found in CodeAstro Real Estate Management System 1.0. Affected by this issue is some unknown functionality of the file /submitpropertydelete.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
CodeAstro Real Estate Sys 1.0 – Remote SQLi via /register.php
CVE-2025-5583
9.8 - Critical
- June 04, 2025
A vulnerability classified as critical has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /register.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
CodeAstro Real Estate Mgmt Sys 1.0 SQLi via /profile.php content arg
CVE-2025-5582
9.8 - Critical
- June 04, 2025
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /profile.php. The manipulation of the argument content leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
CodeAstro Real Estate Mgmt Sys 1.0 SQLi via User param in /admin/index.php
CVE-2025-5581
9.8 - Critical
- June 04, 2025
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument User leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
CodeAstro Real Estate Mgmt Sys 1.0: SQLi via /login.php Email
CVE-2025-5580
9.8 - Critical
- June 04, 2025
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
CodeAstro SQL Injection in About Us Page
CVE-2024-11058
7.2 - High
- November 10, 2024
A vulnerability was found in CodeAstro Real Estate Management System up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /aboutedit.php of the component About Us Page. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
SQL Injection
CodeAstro 1.0: Unrestricted File Upload in About Us
CVE-2024-11000
7.2 - High
- November 08, 2024
A vulnerability classified as problematic was found in CodeAstro Real Estate Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /aboutedit.php of the component About Us Page. The manipulation of the argument aimage leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Unrestricted File Upload
CodeAstro 1.0: Unrestricted File Upload in About Us
CVE-2024-10999
7.2 - High
- November 08, 2024
A vulnerability classified as problematic has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /aboutadd.php of the component About Us Page. The manipulation of the argument aimage leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Unrestricted File Upload
XSS in CodeAstro RES 1.0 Feedback Form (profile.php)
CVE-2024-1103
5.4 - Medium
- January 31, 2024
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file profile.php of the component Feedback Form. The manipulation of the argument Your Feedback with the input <img src=x onerror=alert(document.cookie)> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252458 is the identifier assigned to this vulnerability.
XSS
SQLi in CodeAstro RESMS 1.0 via pid in propertydetail.php
CVE-2024-0543
7.5 - High
- January 15, 2024
A vulnerability classified as critical has been found in CodeAstro Real Estate Management System up to 1.0. This affects an unknown part of the file propertydetail.php. The manipulation of the argument pid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250713 was assigned to this vulnerability.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Codeastro Real Estate Management System or by Codeastro? Click the Watch button to subscribe.
