2 matches found
CVE-2006-3148
The CVE-2006-3148 entry concerns an SQL injection in Open-Realty 2.3.1. The vulnerability affects the application via the sorttype parameter to index.php, with potential arbitrary SQL execution if exploitable. The root cause is a likely improper handling of user input in search.inc.php, as cited ...
CVE-2006-3148
SQL injection vulnerability, possibly in search.inc.php, in Open-Realty 2.3.1 allows remote attackers to execute arbitrary SQL commands via the sorttype parameter to index.php...