Lucene search

MitreCVE-2010-4738

HistoryFeb 16, 2011 - 3:00 a.m.

CVE-2010-4738

2011-02-1603:00:03

CWE-89

mitre

web.nvd.nist.gov

cve

2010

4738

sql injection

rae media inc

real estate system

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

Low

EPSS

0.001

Percentile

47.8%

JSON

Multiple SQL injection vulnerabilities in Rae Media INC Real Estate Single and Multi Agent System 3.0 allow remote attackers to execute arbitrary SQL commands via the probe parameter to (1) multi/city.asp in the Multi Agent System and (2) resulttype.asp in the Single Agent System.

Affected configurations

Nvd

Node

raemediareal_estate_single_and_multi_agent_systemMatch3.0

VendorProductVersionCPE
raemediareal_estate_single_and_multi_agent_system3.0cpe:2.3:a:raemedia:real_estate_single_and_multi_agent_system:3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
raemedia	real_estate_single_and_multi_agent_system	3.0	cpe:2.3:a:raemedia:real_estate_single_and_multi_agent_system:3.0:::::::*

References

osvdb.org/69627

osvdb.org/69628

packetstormsecurity.org/files/view/96389/raemediaincresmas-sql.txt

secunia.com/advisories/42515

securityreason.com/securityalert/8080

securityreason.com/securityalert/8082

securityreason.com/securityalert/8088

www.securityfocus.com/bid/45211

www.securityfocus.com/bid/45212

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.8

Confidence

Low

EPSS

0.001

Percentile

47.8%

JSON

Related for CVE-2010-4738