Описание
Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter).
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:freerealty.rwcinc:free_realty:2.6:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.7:pre1:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.7:pre2:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.7:pre3:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.7:pre4:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.7:pre5:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.7:pre6:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.7:pre7:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.8:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.8.3:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.8.4:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.8.5:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.8.6:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.8.6:pre1:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.8.6:pre2:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.8.6:pre3:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.8.6-1:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9:pre1:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9:pre2:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9:pre2.1:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9:pre2.2:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9:pre3.0:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9-0.0:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9-0.1:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9-0.2:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9-0.3:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9-0.4:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9-0.5:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9-0.7:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9-0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9-0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9-0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:2.9-0.7.4:*:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:3.0-0:rc1:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:3.0-0:rc2:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:3.0-0:rc3:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:3.0-0:rc4:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:3.0-0:rc5:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:3.0-0:rc6:*:*:*:*:*:*
cpe:2.3:a:freerealty.rwcinc:free_realty:3.0-0:rc7:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.0035
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter).
EPSS
Процентиль: 57%
0.0035
Низкий
7.5 High
CVSS2
Дефекты
CWE-89