Sg Real Estate Portal: Security Vulnerabilities
SG Real Estate Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the Auth cookie to 1.
CVSS Score
7.5
EPSS Score
0.018
Published
2009-01-30
Multiple directory traversal vulnerabilities in SG Real Estate Portal 2.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod, (2) page, or (3) lang parameter to index.php; or the (4) action or (5) folder parameter in a security request to admin/index.php.
CVSS Score
5.0
EPSS Score
0.015
Published
2009-01-30
SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
CVSS Score
7.5
EPSS Score
0.002
Published
2009-01-30