CVE-2008-2265
CVE-2008-2265 describes a SQL injection in the EMO Realty Manager’s web frontend, specifically in news.php via the ida parameter. The underlying issue is improper sanitization of user-supplied input, allowing remote attackers to craft SQL commands that the application passes to the database. The ...