CVE-2006-3148

Publication date

2006-06-22 22:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability, possibly in search.inc.php, in Open-Realty 2.3.1 allows remote attackers to execute arbitrary SQL commands via the sorttype parameter to index.php.