CVE-2008-4328

Publication date

2008-09-30 17:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in site_search.php in EasyRealtorPRO 2008 allows remote attackers to execute arbitrary SQL commands via the (1) item, (2) search_ordermethod, and (3) search_order parameters.