CVE-2010-1708

2010-05-0415:00:00

mitre

www.cve.org

8.7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

27.8%

JSON

Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter).

References

packetstormsecurity.org/1004-exploits/freerealty-sql.txt

www.exploit-db.com/exploits/12411

www.securityfocus.com/bid/39712

exchange.xforce.ibmcloud.com/vulnerabilities/58193