Xstate Real Estate vulnerabilities
2 known vulnerabilities affecting xstate/real_estate.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2009-4477P3HIGHCVSS 7.5PoCv1.02009-12-30
CVE-2009-4477 [HIGH] CWE-89 CVE-2009-4477: SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execut
SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
nvd
CVE-2009-4478P4MEDIUMCVSS 4.3PoCv1.02009-12-30
CVE-2009-4478 [MEDIUM] CWE-79 CVE-2009-4478: Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers
Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html.
nvd