2 matches found
CVE-2009-1658
CVE-2009-1658 corresponds to multiple SQL injection vulnerabilities in Realty Web-Base 1.0, specifically in the admin/admin.php module. The root cause, as described across the provided records, is improper handling of user input (parameters: username and password), enabling remote attackers to co...
CVE-2009-1751
CVE-2009-1751 describes an SQL injection in Realty Webware Technologies Web-Base 1.0, exploitable via the id parameter in list_list.php. The vulnerability allows remote attackers to craft input that alters SQL queries, with a CVSSv2 base score of 7.5 (HIGH) and network attack vector with no authe...