CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-4782

Multiple SQL injection vulnerabilities in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) city, (2) state, (3) country, (4) minprice, (5) maxprice, (6) bed, and (7) bath parameters, different vectors than CVE-2006-6807.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.017

EPSS Ranking 81.6%

CVSS Severity

CVSS v2 Score 7.5

References

http://packetstormsecurity.org/files/view/96305/anandarealestate-sql.txt
http://secunia.com/advisories/23506
http://securityreason.com/securityalert/8185
http://www.exploit-db.com/exploits/15661
http://www.securityfocus.com/bid/45146
http://packetstormsecurity.org/files/view/96305/anandarealestate-sql.txt
http://secunia.com/advisories/23506
http://securityreason.com/securityalert/8185
http://www.exploit-db.com/exploits/15661
http://www.securityfocus.com/bid/45146

Products affected by CVE-2010-4782

Softwebsnepal » Ananda Real Estate » Version: 3.4

cpe:2.3:a:softwebsnepal:ananda_real_estate:3.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-4782

Products

Pricing

Contact Us