Vulnerabilities

CVE-2010-1654

by Fred · 30/04/2010

Multiple SQL injection vulnerabilities in system_member_login.php in Infocus Real Estate Enterprise Edition allow remote attackers to execute arbitrary SQL commands via the (1) username (aka login) and (2) password parameters. NOTE: some of these details are obtained from third party information.

Date published : 2010-04-30

http://www.securityfocus.com/bid/39731

http://www.exploit-db.com/exploits/12415

Related

Tags: Cybersecurity Alert