{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-02-13T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "51076", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/51076"}, {"name": "20080213 Provided By Development Solutions SQL Injection Exploit(panel)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/488070/100/200/threaded"}, {"name": "27779", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27779"}, {"name": "realestateweb-agentlist-sql-injection(40509)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40509"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-7030", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "51076", "refsource": "OSVDB", "url": "http://www.osvdb.org/51076"}, {"name": "20080213 Provided By Development Solutions SQL Injection Exploit(panel)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/488070/100/200/threaded"}, {"name": "27779", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27779"}, {"name": "realestateweb-agentlist-sql-injection(40509)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40509"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-7030", "datePublished": "2009-08-24T10:00:00", "dateReserved": "2009-08-23T00:00:00", "dateUpdated": "2018-10-11T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:site2nite:real_estate_web:*:*:*:*:*:*:*:*", "matchCriteriaId": "02DA53AC-8D44-49BB-B78F-33AD17E3DF59", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en Site2Nite Real Estate Web, permiten a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s de los campos (1) username -nombre de usaurio- o (2) password -contrase\u00f1a- de un componente no especificado, puede que agentlist.asp. NOTA: Esta vulnerabilidad ha sido reportada por un investigador de poca confianza, por lo que puede tener incorrecciones."}], "id": "CVE-2008-7030", "lastModified": "2018-10-11T20:58:05.427", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-08-24T10:30:01.563", "references": [{"source": "cve@mitre.org", "url": "http://www.osvdb.org/51076"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/488070/100/200/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/27779"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40509"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}