Unrated severityNVD Advisory· Published May 14, 2008· Updated Jun 16, 2026
CVE-2008-2190
CVE-2008-2190
Description
SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:romedchim_international_srl:online_rent_property_script:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:romedchim_international_srl:online_rent_property_script:*:*:*:*:*:*:*:*range: <=4.5
- cpe:2.3:a:romedchim_international_srl:online_rent_property_script:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:romedchim_international_srl:online_rent_property_script:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:romedchim_international_srl:online_rent_property_script:4.4:*:*:*:*:*:*:*
- Range: <=4.5, <=5.0
Patches
Vulnerability mechanics
References
12- www.securityfocus.com/bid/29052nvdExploit
- secunia.com/advisories/30090nvdVendor Advisory
- advisories.echo.or.id/adv/adv91-K-159-2008.txtnvd
- secunia.com/advisories/35147nvd
- securityreason.com/securityalert/3875nvd
- www.securityfocus.com/archive/1/491607/100/0/threadednvd
- www.securityfocus.com/archive/1/491816/100/0/threadednvd
- www.securityfocus.com/bid/35005nvd
- www.vupen.com/english/advisories/2009/1366nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/42191nvd
- www.exploit-db.com/exploits/5542nvd
- www.exploit-db.com/exploits/8711nvd
News mentions
0No linked articles in our index yet.