CVE-2009-3497

2022-10-0316:23:55

mitre

www.cve.org

vulnerability

sql injection

vastal i-tech agent zone

view_listing.php

remote attackers

arbitrary sql commands

id parameter

0.001 Low

EPSS

Percentile

48.9%

JSON

SQL injection vulnerability in view_listing.php in Vastal I-Tech Agent Zone (aka The Real Estate Script) allows remote attackers to execute arbitrary SQL commands via the id parameter.

References

secunia.com/advisories/36812

www.packetstormsecurity.org/0909-exploits/realestaterealtors-sql.txt

0.001 Low

EPSS

Percentile

48.9%

JSON

Related for CVELIST:CVE-2009-3497