CVE-2012-6584 Information

Description

Multiple SQL injection vulnerabilities in MYRE Realty Manager allow remote attackers to execute arbitrary SQL commands via the bathrooms1 parameter to (1) demo2/search.php or (2) search.php.

Reference

http://www.exploit-db.com/exploits/22713/