CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-6798

Multiple SQL injection vulnerabilities in login.php in Pre Projects Pre Real Estate Listings allow remote attackers to execute arbitrary SQL commands via (1) the us parameter (aka the Username field) or (2) the ps parameter (aka the Password field).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.9%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/32134
http://www.vupen.com/english/advisories/2008/3121
https://www.exploit-db.com/exploits/7094
http://www.securityfocus.com/bid/32134
http://www.vupen.com/english/advisories/2008/3121
https://www.exploit-db.com/exploits/7094

Products affected by CVE-2008-6798

Preprojects » Pre Real Estate Listings » Version: Any

cpe:2.3:a:preprojects:pre_real_estate_listings:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-6798

Products

Pricing

Contact Us