CVE-2008-5772 Information

Description

Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to type.asp and the (2) iPro parameter to detail.asp.

Reference

http://osvdb.org/50707 http://osvdb.org/50708 http://secunia.com/advisories/33167 http://securityreason.com/securityalert/4848 http://www.securityfocus.com/bid/32812 https://exchange.xforce.ibmcloud.com/vulnerabilities/47323 https://www.exploit-db.com/exploits/7464