Vulnerability Description
Multiple SQL injection vulnerabilities in login.php in Pre Projects Pre Real Estate Listings allow remote attackers to execute arbitrary SQL commands via (1) the us parameter (aka the Username field) or (2) the ps parameter (aka the Password field).
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Preprojects | Pre Real Estate Listings | All versions |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/32134Exploit
- http://www.vupen.com/english/advisories/2008/3121
- https://www.exploit-db.com/exploits/7094
- http://www.securityfocus.com/bid/32134Exploit
- http://www.vupen.com/english/advisories/2008/3121
- https://www.exploit-db.com/exploits/7094
FAQ
What is CVE-2008-6798?
CVE-2008-6798 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple SQL injection vulnerabilities in login.php in Pre Projects Pre Real Estate Listings allow remote attackers to execute arbitrary SQL commands via (1) the us parameter (aka the Username field) ...
How severe is CVE-2008-6798?
CVE-2008-6798 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6798?
Check the references section above for vendor advisories and patch information. Affected products include: Preprojects Pre Real Estate Listings.