Description
SQL injection vulnerability in findagent.php in MYRE Real Estate Software allows remote attackers to execute arbitrary SQL commands via the page parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by SecPod Research · textwebappsphp
https://www.exploit-db.com/exploits/17811
References (2)
Core 2
Core References
Exploit x_refsource_misc
http://secpod.org/advisories/SECPOD_MRS_SQL_XSS_Vuln.txt
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/8376
Scores
EPSS
0.0089
EPSS Percentile
75.6%
Details
CWE
CWE-89
Status
published
Products (1)
myrephp/myre_real_estate_software
Published
Sep 15, 2011
Tracked Since
Feb 18, 2026