Unrated severityNVD Advisory· Published May 14, 2008· Updated Apr 23, 2026
CVE-2008-2190
CVE-2008-2190
Description
SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected.
Affected products
4cpe:2.3:a:romedchim_international_srl:online_rent_property_script:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:romedchim_international_srl:online_rent_property_script:*:*:*:*:*:*:*:*range: <=4.5
- cpe:2.3:a:romedchim_international_srl:online_rent_property_script:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:romedchim_international_srl:online_rent_property_script:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:romedchim_international_srl:online_rent_property_script:4.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- www.securityfocus.com/bid/29052nvdExploit
- secunia.com/advisories/30090nvdVendor Advisory
- advisories.echo.or.id/adv/adv91-K-159-2008.txtnvd
- secunia.com/advisories/35147nvd
- securityreason.com/securityalert/3875nvd
- www.securityfocus.com/archive/1/491607/100/0/threadednvd
- www.securityfocus.com/archive/1/491816/100/0/threadednvd
- www.securityfocus.com/bid/35005nvd
- www.vupen.com/english/advisories/2009/1366nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/42191nvd
- www.exploit-db.com/exploits/5542nvd
- www.exploit-db.com/exploits/8711nvd
News mentions
0No linked articles in our index yet.