VYPR

Sg Real Estate Portal

by Sg Real Estate Portal

CVEs (3)

  • CVE-2008-6011Jan 30, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in SG Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter.

  • CVE-2008-6010Jan 30, 2009
    risk 0.03cvss epss 0.03

    Multiple directory traversal vulnerabilities in SG Real Estate Portal 2.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod, (2) page, or (3) lang parameter to index.php; or the (4) action or (5) folder parameter in a security request to…

  • CVE-2008-6009Jan 30, 2009
    risk 0.03cvss epss 0.03

    SG Real Estate Portal 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the Auth cookie to 1.