CVE-2012-6586 Information

Description

Multiple SQL injection vulnerabilities in MYRE Vacation Rental Software allow remote attackers to execute arbitrary SQL commands via the (1) garage1 or (2) bathrooms1 parameter to vacation/1_mobile/search.php or (3) unspecified input to vacation/widgate/request_more_information.php.

Reference

http://www.exploit-db.com/exploits/22712/