CVE-2008-4177
CVE-2008-4177 describes an SQL injection in search.php of Pre Real Estate Listings, allowing remote attackers to execute arbitrary SQL via the c parameter. NVD lists CVSS v2 base score 7.5 (HIGH) with NETWORK/vector: AV:N, AC:L, Au:N, C:P/I:P/A:P.