cve/2008/CVE-2008-3861.md

CVE-2008-3861

Description

Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in pages.php and (2) the price_max parameter in search.php.

POC

Reference

• http://securityreason.com/securityalert/4198
• https://www.exploit-db.com/exploits/6320

Github

No PoCs found on GitHub currently.