PT-2009-2267 · Unknown · Pre Real Estate Listings
Backdoor
·
Publicado
2009-05-07
·
Atualizado
2017-09-29
·
CVE-2008-6798
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Pre Real Estate Listings (affected versions not specified)
Description:
The issue concerns SQL injection vulnerabilities in the login.php file. Remote attackers can execute arbitrary SQL commands by manipulating the
us parameter (also known as the Username field) or the ps parameter (also known as the Password field).Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Pre Real Estate Listings