2 matches found
Sql injection
SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty allows remote attackers to execute arbitrary SQL commands via the uname parameter, a different vector than CVE-2007-6163. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2007-6163
CVE-2007-6163: Concrete details across connected sources show a SQL injection vulnerability in admin/index2.asp of GOUAE DWD Realty. The pword (Password) parameter is exploitable to execute arbitrary SQL commands, enabling remote attackers to interact with the database. Related entries also note ...