CVE-2012-6586

Name of the Vulnerable Software and Affected Versions MYRE Vacation Rental Software (affected versions not specified)

Description The issue concerns SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands. This can be achieved through specific parameters in certain API endpoints, such as the garage1 or bathrooms1 parameter to "vacation/1 mobile/search.php", or through unspecified input to "vacation/widgate/request more information.php".

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.