Search
Find a vulnerability
Search criteria
4 vulnerabilities found for real_estate by xstate
CVE-2009-4478 (GCVE-0-2009-4478)
Vulnerability from nvd – Published: 2009-12-30 21:00 – Updated: 2024-08-07 07:01
VLAI
EPSS
VEX
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/36529 | third-party-advisoryx_refsource_SECUNIA |
| http://www.exploit-db.com/exploits/9565 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://osvdb.org/57672 | vdb-entryx_refsource_OSVDB |
| http://osvdb.org/57671 | vdb-entryx_refsource_OSVDB |
Date Public
2009-09-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36529"
},
{
"name": "9565",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9565"
},
{
"name": "xstaterealestate-home-xss(52970)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52970"
},
{
"name": "57672",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/57672"
},
{
"name": "57671",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/57671"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36529"
},
{
"name": "9565",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9565"
},
{
"name": "xstaterealestate-home-xss(52970)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52970"
},
{
"name": "57672",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/57672"
},
{
"name": "57671",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/57671"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36529",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36529"
},
{
"name": "9565",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9565"
},
{
"name": "xstaterealestate-home-xss(52970)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52970"
},
{
"name": "57672",
"refsource": "OSVDB",
"url": "http://osvdb.org/57672"
},
{
"name": "57671",
"refsource": "OSVDB",
"url": "http://osvdb.org/57671"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4478",
"datePublished": "2009-12-30T21:00:00.000Z",
"dateReserved": "2009-12-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:01:20.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4477 (GCVE-0-2009-4477)
Vulnerability from nvd – Published: 2009-12-30 21:00 – Updated: 2024-08-07 07:01
VLAI
EPSS
VEX
Summary
SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/36529 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/57670 | vdb-entryx_refsource_OSVDB |
| http://www.exploit-db.com/exploits/9565 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2009-09-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.332Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36529"
},
{
"name": "57670",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/57670"
},
{
"name": "9565",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9565"
},
{
"name": "xstaterealestate-page-sql-injection(52968)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52968"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36529"
},
{
"name": "57670",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/57670"
},
{
"name": "9565",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9565"
},
{
"name": "xstaterealestate-page-sql-injection(52968)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52968"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36529",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36529"
},
{
"name": "57670",
"refsource": "OSVDB",
"url": "http://osvdb.org/57670"
},
{
"name": "9565",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9565"
},
{
"name": "xstaterealestate-page-sql-injection(52968)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52968"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4477",
"datePublished": "2009-12-30T21:00:00.000Z",
"dateReserved": "2009-12-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:01:20.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4478 (GCVE-0-2009-4478)
Vulnerability from cvelistv5 – Published: 2009-12-30 21:00 – Updated: 2024-08-07 07:01
VLAI
EPSS
VEX
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/36529 | third-party-advisoryx_refsource_SECUNIA |
| http://www.exploit-db.com/exploits/9565 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://osvdb.org/57672 | vdb-entryx_refsource_OSVDB |
| http://osvdb.org/57671 | vdb-entryx_refsource_OSVDB |
Date Public
2009-09-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36529"
},
{
"name": "9565",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9565"
},
{
"name": "xstaterealestate-home-xss(52970)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52970"
},
{
"name": "57672",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/57672"
},
{
"name": "57671",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/57671"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36529"
},
{
"name": "9565",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9565"
},
{
"name": "xstaterealestate-home-xss(52970)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52970"
},
{
"name": "57672",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/57672"
},
{
"name": "57671",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/57671"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36529",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36529"
},
{
"name": "9565",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9565"
},
{
"name": "xstaterealestate-home-xss(52970)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52970"
},
{
"name": "57672",
"refsource": "OSVDB",
"url": "http://osvdb.org/57672"
},
{
"name": "57671",
"refsource": "OSVDB",
"url": "http://osvdb.org/57671"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4478",
"datePublished": "2009-12-30T21:00:00.000Z",
"dateReserved": "2009-12-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:01:20.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4477 (GCVE-0-2009-4477)
Vulnerability from cvelistv5 – Published: 2009-12-30 21:00 – Updated: 2024-08-07 07:01
VLAI
EPSS
VEX
Summary
SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/36529 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/57670 | vdb-entryx_refsource_OSVDB |
| http://www.exploit-db.com/exploits/9565 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2009-09-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.332Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36529"
},
{
"name": "57670",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/57670"
},
{
"name": "9565",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9565"
},
{
"name": "xstaterealestate-page-sql-injection(52968)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52968"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36529"
},
{
"name": "57670",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/57670"
},
{
"name": "9565",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9565"
},
{
"name": "xstaterealestate-page-sql-injection(52968)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52968"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in page.html in Xstate Real Estate 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36529",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36529"
},
{
"name": "57670",
"refsource": "OSVDB",
"url": "http://osvdb.org/57670"
},
{
"name": "9565",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9565"
},
{
"name": "xstaterealestate-page-sql-injection(52968)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52968"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4477",
"datePublished": "2009-12-30T21:00:00.000Z",
"dateReserved": "2009-12-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:01:20.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}