Description
SQL injection vulnerability in manager/login.php in Pre Projects Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the username1 parameter (aka the Admin field or Username field).
Exploits (1)
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46394
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/3026
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/7008
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/32134
Scores
EPSS
0.0034
EPSS Percentile
56.6%
Details
CWE
CWE-89
Status
published
Products (1)
preprojects/pre_real_estate_listings
Published
May 07, 2009
Tracked Since
Feb 18, 2026