MidnightBSD

Advisories for freerealty.rwcinc

CVE-2010-1708 HIGH

Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter).

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
freerealty.rwcinc free_realty 2.8.3
freerealty.rwcinc free_realty 2.9-0.2
freerealty.rwcinc free_realty 2.9-0.7
freerealty.rwcinc free_realty 2.9-0.7.4
freerealty.rwcinc free_realty 2.8.6-1
freerealty.rwcinc free_realty 2.9-0.7.3
freerealty.rwcinc free_realty 2.9-0.7.2
freerealty.rwcinc free_realty 2.8.6
freerealty.rwcinc free_realty 2.7
freerealty.rwcinc free_realty 2.9-0.0
freerealty.rwcinc free_realty 2.9-0.3
freerealty.rwcinc free_realty 2.6
freerealty.rwcinc free_realty 2.9-0.4
freerealty.rwcinc free_realty 2.6.2
freerealty.rwcinc free_realty 3.0-0
freerealty.rwcinc free_realty 2.8.5
freerealty.rwcinc free_realty 2.6.1
freerealty.rwcinc free_realty 2.8
freerealty.rwcinc free_realty 2.9
freerealty.rwcinc free_realty 2.9-0.5
freerealty.rwcinc free_realty 2.9-0.7.1
freerealty.rwcinc free_realty 2.9-0.1
freerealty.rwcinc free_realty 2.8.2
freerealty.rwcinc free_realty 2.8.4