CVE ID :CVE-2015-20121 Published : March 15, 2026, 6:34 p.m. | 1 hour, 3 minutes ago Description :Next Click Ventures RealtyScript 4.0.2 contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting arbitrary SQL code through the GET parameter 'u_id' in /admin/users.php and the POST parameter 'agent[]' in /admin/mailer.php. Attackers can exploit time-based blind SQL injection techniques to extract sensitive database information or cause denial of service through sleep-based payloads. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...