Description
Multiple SQL injection vulnerabilities in MYRE Vacation Rental Software allow remote attackers to execute arbitrary SQL commands via the (1) garage1 or (2) bathrooms1 parameter to vacation/1_mobile/search.php, or (3) unspecified input to vacation/widgate/request_more_information.php.
Exploits (1)
References (1)
Core 1
Core References
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/22712/
Scores
EPSS
0.0100
EPSS Percentile
77.1%
Details
CWE
CWE-89
Status
published
Products (1)
myrephp/myre_vacation_rental
Published
Aug 25, 2013
Tracked Since
Feb 18, 2026