2 matches found
CVE-2008-2265
CVE-2008-2265 describes a SQL injection in the EMO Realty Manager’s web frontend, specifically in news.php via the ida parameter. The underlying issue is improper sanitization of user-supplied input, allowing remote attackers to craft SQL commands that the application passes to the database. The ...
CVE-2010-5006
CVE-2010-5006 affects EMO Realty Manager, specifically the googlemap/index.php component. The issue is a SQL injection in the cat1 parameter that allows remote arbitrary SQL execution. This is documented by multiple connected sources (OpenVAS description and NVD entry). The provided documents do ...