3 matches found
CVE-2009-4477
SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2009-4477
SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2009-4477
The CVE-2009-4477 entry corresponds to a SQL injection in page.html of Xstate Real Estate 1.0, exploitable via the pid parameter. The vulnerability is network-accessible, with low attack complexity and no authentication required, leading to partial confidentiality, integrity, and availability imp...