Xstate: >> Real Estate >> 1.0 Security Vulnerabilities
SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-12-30
Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html.
CVSS Score
4.3
EPSS Score
0.016
Published
2009-12-30