{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2015-20117", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-15T18:06:12.182Z", "datePublished": "2026-03-15T18:34:16.030Z", "dateUpdated": "2026-03-16T14:30:31.130Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-15T18:34:16.030Z"}, "datePublic": "2015-10-19T00:00:00.000Z", "title": "RealtyScript 4.0.2 Cross-Site Request Forgery Unauthorized User Creation", "descriptions": [{"lang": "en", "value": "Next Click Ventures RealtyScript 4.0.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create unauthorized user accounts and administrative users by crafting malicious forms. Attackers can submit hidden form data to /admin/addusers.php and /admin/editadmins.php endpoints to register new users with arbitrary credentials and escalate privileges to SUPERUSER level."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "affected": [{"vendor": "Next Click Ventures", "product": "RealtyScript", "versions": [{"version": "4.0.2", "status": "affected"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.9, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/38496", "name": "ExploitDB-38496", "tags": ["exploit"]}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5269.php", "name": "Zero Science Lab Disclosure", "tags": ["third-party-advisory"]}, {"name": "VulnCheck Advisory: RealtyScript 4.0.2 Cross-Site Request Forgery Unauthorized User Creation", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/realtyscript-cross-site-request-forgery-unauthorized-user-creation"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2015-20117", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T14:19:59.900856Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T14:30:31.130Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2015-20117", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T14:19:59.900856Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T14:21:14.325Z"}}], "cna": {"title": "RealtyScript 4.0.2 Cross-Site Request Forgery Unauthorized User Creation", "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Next Click Ventures", "product": "RealtyScript", "versions": [{"status": "affected", "version": "4.0.2"}]}], "datePublic": "2015-10-19T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/38496", "name": "ExploitDB-38496", "tags": ["exploit"]}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5269.php", "name": "Zero Science Lab Disclosure", "tags": ["third-party-advisory"]}, {"url": "https://www.vulncheck.com/advisories/realtyscript-cross-site-request-forgery-unauthorized-user-creation", "name": "VulnCheck Advisory: RealtyScript 4.0.2 Cross-Site Request Forgery Unauthorized User Creation", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "Next Click Ventures RealtyScript 4.0.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create unauthorized user accounts and administrative users by crafting malicious forms. Attackers can submit hidden form data to /admin/addusers.php and /admin/editadmins.php endpoints to register new users with arbitrary credentials and escalate privileges to SUPERUSER level."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "Cross-Site Request Forgery (CSRF)"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-15T18:34:16.030Z"}}}, "cveMetadata": {"cveId": "CVE-2015-20117", "state": "PUBLISHED", "dateUpdated": "2026-03-16T14:30:31.130Z", "dateReserved": "2026-03-15T18:06:12.182Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-15T18:34:16.030Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nextclickventures:realtyscript:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "237FBCF4-383B-4460-82EF-FC61A749D53B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Next Click Ventures RealtyScript 4.0.2 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create unauthorized user accounts and administrative users by crafting malicious forms. Attackers can submit hidden form data to /admin/addusers.php and /admin/editadmins.php endpoints to register new users with arbitrary credentials and escalate privileges to SUPERUSER level."}, {"lang": "es", "value": "Next Click Ventures RealtyScript 4.0.2 contiene una vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados que permite a atacantes no autenticados crear cuentas de usuario no autorizadas y usuarios administrativos mediante la creaci\u00f3n de formularios maliciosos. Los atacantes pueden enviar datos de formulario ocultos a los puntos finales /admin/addusers.PHP y /admin/editadmins.PHP para registrar nuevos usuarios con credenciales arbitrarias y escalar privilegios a nivel SUPERUSER."}], "id": "CVE-2015-20117", "lastModified": "2026-03-19T14:13:34.260", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "disclosure@vulncheck.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-16T14:17:47.260", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/38496"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/realtyscript-cross-site-request-forgery-unauthorized-user-creation"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5269.php"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "4.0.2"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "RealtyScript", "source": "cna", "vendor": "Next Click Ventures"}, "product": "realtyscript", "vendor": "next_click_ventures"}], "analysis": {"en": {"generated_at": "2026-03-19T16:05:10.697672+00:00", "value": {"mitigation_remediation": ["Contact Next Click Ventures to obtain and apply a patch or upgrade to a fixed version of RealtyScript.", "If a patch is not immediately available, disable or restrict access to the /admin/addusers.php and /admin/editadmins.php endpoints.", "Implement CSRF protection on all administrative forms to prevent unauthorized form submissions.", "Review and tighten user privilege assignments, removing unnecessary superuser creation capabilities.", "Monitor application logs for unexpected user account creation events."], "summary": {"action": "Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Next Click Ventures RealtyScript product, specifically version 4.0.2. No other versions are mentioned in the available data. The attack does not rely on a particular sub-version or patch level beyond 4.0.2, so systems running this exact release are considered vulnerable.\n", "description_and_impact": "Next Click Ventures RealtyScript 4.0.2 contains a cross-site request forgery (CWE-352) vulnerability that allows an unauthenticated attacker to submit malicious form data to the /admin/addusers.php and /admin/editadmins.php endpoints. By crafting a request with arbitrary credentials, an attacker can create new user accounts, including administrative accounts with SUPERUSER level privileges, thereby gaining full control over the application. The primary impact is unauthorized privilege escalation and potential compromise of confidentiality, integrity, and availability of the system.\n", "risk_and_exploitability": "The CVSS score of 6.9 indicates moderate severity, and the EPSS score of less than 1% suggests a very low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. The attack vector is inferred to be remote, through a malicious web form or script that submits data directly to the vulnerable endpoints, without the need for pre-existing credentials. Exploitation requires only basic network connectivity and a crafted request, making it relatively simple in principle but still limited by the low exploit probability indicated by EPSS.\n"}}}}, "created": "2026-03-16T09:21:17.018011+00:00", "updated": "2026-03-23T14:01:29.596584+00:00", "vendors": ["next_click_ventures", "next_click_ventures$PRODUCT$realtyscript"]}