Lucene search
+L

6 matches found

CVE
CVE
added 2012/02/02 5:0 p.m.52 views

CVE-2012-0982

CVE-2012-0982 describes an SQL injection vulnerability in Vastal I-Tech Agent Zone (aka The Real Estate Script). The issue exists in search.php and allows remote attackers to execute arbitrary SQL commands through the price_from parameter. The description explicitly notes remote exploitation with...

7.5CVSS9.9AI score0.01102EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2009/09/30 3:30 p.m.20 views

Sql injection

SQL injection vulnerability in viewlisting.php in Vastal I-Tech Agent Zone aka The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS9AI score0.01134EPSS
Exploits1References2
CVE
CVE
added 2009/09/30 3:0 p.m.58 views

CVE-2009-3497

Vastal I-Tech Agent Zone (aka The Real Estate Script) is affected by CVE-2009-3497 due to an SQL injection in view_listing.php via the id parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands. The affected component is the view_listing.php script; the root cause i...

7.5CVSS10AI score0.01134EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2008/09/09 1:9 p.m.49 views

CVE-2008-3951

CVE-2008-3951 describes an SQL injection vulnerability in the Web app component for Vastal I-Tech Agent Zone (aka The Real Estate Script). The issue resides in the view_ann.php handler, where the parameter ann_id can be manipulated by an attacker to cause arbitrary SQL execution. This is a remote...

7.5CVSS10AI score0.01051EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2008/05/27 2:32 p.m.15 views

Sql injection

SQL injection vulnerability in dpage.php in The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the docID parameter...

7.5CVSS9.1AI score0.01003EPSS
Exploits1References5
CVE
CVE
added 2008/05/27 2:0 p.m.38 views

CVE-2008-2443

SQL injection vulnerability in The Real Estate Script’s dpage.php (docID parameter) allows remote attackers to execute arbitrary SQL commands. This is a vulnerability in the Real Estate Script where the docID input is not properly sanitized, enabling potentially partial/complete database impact. ...

7.5CVSS8.4AI score0.01003EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder