Search
Find a vulnerability
Search criteria
2 vulnerabilities by romedchim_international_srl
CVE-2008-2190 (GCVE-0-2008-2190)
Vulnerability from nvd – Published: 2008-05-14 17:00 – Updated: 2024-08-07 08:49
VLAI
Summary
SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/8711 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/30090 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/29052 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/35147 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2009/1366 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/491816/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/35005 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/5542 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/491607/100… | mailing-listx_refsource_BUGTRAQ |
| http://advisories.echo.or.id/adv/adv91-K-159-2008.txt | x_refsource_MISC |
| http://securityreason.com/securityalert/3875 | third-party-advisoryx_refsource_SREASON |
Date Public
2008-05-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:58.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8711",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8711"
},
{
"name": "30090",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30090"
},
{
"name": "29052",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29052"
},
{
"name": "35147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35147"
},
{
"name": "onlinerental-index-sql-injection(42191)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42191"
},
{
"name": "ADV-2009-1366",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1366"
},
{
"name": "20080508 Re: [ECHO_ADV_91$2008] Online Rental Property Script \u003c= 4.5 (pid) Blind Sql Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491816/100/0/threaded"
},
{
"name": "35005",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35005"
},
{
"name": "5542",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5542"
},
{
"name": "20080505 [ECHO_ADV_91$2008] Online Rental Property Script \u003c= 4.5 (pid) Blind Sql Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491607/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://advisories.echo.or.id/adv/adv91-K-159-2008.txt"
},
{
"name": "3875",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3875"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "8711",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8711"
},
{
"name": "30090",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30090"
},
{
"name": "29052",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29052"
},
{
"name": "35147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35147"
},
{
"name": "onlinerental-index-sql-injection(42191)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42191"
},
{
"name": "ADV-2009-1366",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1366"
},
{
"name": "20080508 Re: [ECHO_ADV_91$2008] Online Rental Property Script \u003c= 4.5 (pid) Blind Sql Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/491816/100/0/threaded"
},
{
"name": "35005",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35005"
},
{
"name": "5542",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5542"
},
{
"name": "20080505 [ECHO_ADV_91$2008] Online Rental Property Script \u003c= 4.5 (pid) Blind Sql Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/491607/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://advisories.echo.or.id/adv/adv91-K-159-2008.txt"
},
{
"name": "3875",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3875"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8711",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8711"
},
{
"name": "30090",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30090"
},
{
"name": "29052",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29052"
},
{
"name": "35147",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35147"
},
{
"name": "onlinerental-index-sql-injection(42191)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42191"
},
{
"name": "ADV-2009-1366",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1366"
},
{
"name": "20080508 Re: [ECHO_ADV_91$2008] Online Rental Property Script \u003c= 4.5 (pid) Blind Sql Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491816/100/0/threaded"
},
{
"name": "35005",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35005"
},
{
"name": "5542",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5542"
},
{
"name": "20080505 [ECHO_ADV_91$2008] Online Rental Property Script \u003c= 4.5 (pid) Blind Sql Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491607/100/0/threaded"
},
{
"name": "http://advisories.echo.or.id/adv/adv91-K-159-2008.txt",
"refsource": "MISC",
"url": "http://advisories.echo.or.id/adv/adv91-K-159-2008.txt"
},
{
"name": "3875",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3875"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2190",
"datePublished": "2008-05-14T17:00:00.000Z",
"dateReserved": "2008-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:49:58.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2190 (GCVE-0-2008-2190)
Vulnerability from cvelistv5 – Published: 2008-05-14 17:00 – Updated: 2024-08-07 08:49
VLAI
Summary
SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/8711 | exploitx_refsource_EXPLOIT-DB |
| http://secunia.com/advisories/30090 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/29052 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/35147 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2009/1366 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/491816/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/35005 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/5542 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/archive/1/491607/100… | mailing-listx_refsource_BUGTRAQ |
| http://advisories.echo.or.id/adv/adv91-K-159-2008.txt | x_refsource_MISC |
| http://securityreason.com/securityalert/3875 | third-party-advisoryx_refsource_SREASON |
Date Public
2008-05-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:58.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8711",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8711"
},
{
"name": "30090",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30090"
},
{
"name": "29052",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29052"
},
{
"name": "35147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35147"
},
{
"name": "onlinerental-index-sql-injection(42191)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42191"
},
{
"name": "ADV-2009-1366",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1366"
},
{
"name": "20080508 Re: [ECHO_ADV_91$2008] Online Rental Property Script \u003c= 4.5 (pid) Blind Sql Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491816/100/0/threaded"
},
{
"name": "35005",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35005"
},
{
"name": "5542",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5542"
},
{
"name": "20080505 [ECHO_ADV_91$2008] Online Rental Property Script \u003c= 4.5 (pid) Blind Sql Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491607/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://advisories.echo.or.id/adv/adv91-K-159-2008.txt"
},
{
"name": "3875",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3875"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "8711",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8711"
},
{
"name": "30090",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30090"
},
{
"name": "29052",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29052"
},
{
"name": "35147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35147"
},
{
"name": "onlinerental-index-sql-injection(42191)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42191"
},
{
"name": "ADV-2009-1366",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1366"
},
{
"name": "20080508 Re: [ECHO_ADV_91$2008] Online Rental Property Script \u003c= 4.5 (pid) Blind Sql Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/491816/100/0/threaded"
},
{
"name": "35005",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35005"
},
{
"name": "5542",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5542"
},
{
"name": "20080505 [ECHO_ADV_91$2008] Online Rental Property Script \u003c= 4.5 (pid) Blind Sql Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/491607/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://advisories.echo.or.id/adv/adv91-K-159-2008.txt"
},
{
"name": "3875",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3875"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in Online Rent (aka Online Rental Property Script) 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it was later reported that 5.0 and earlier are also affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8711",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8711"
},
{
"name": "30090",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30090"
},
{
"name": "29052",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29052"
},
{
"name": "35147",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35147"
},
{
"name": "onlinerental-index-sql-injection(42191)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42191"
},
{
"name": "ADV-2009-1366",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1366"
},
{
"name": "20080508 Re: [ECHO_ADV_91$2008] Online Rental Property Script \u003c= 4.5 (pid) Blind Sql Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491816/100/0/threaded"
},
{
"name": "35005",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35005"
},
{
"name": "5542",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5542"
},
{
"name": "20080505 [ECHO_ADV_91$2008] Online Rental Property Script \u003c= 4.5 (pid) Blind Sql Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491607/100/0/threaded"
},
{
"name": "http://advisories.echo.or.id/adv/adv91-K-159-2008.txt",
"refsource": "MISC",
"url": "http://advisories.echo.or.id/adv/adv91-K-159-2008.txt"
},
{
"name": "3875",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3875"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2190",
"datePublished": "2008-05-14T17:00:00.000Z",
"dateReserved": "2008-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:49:58.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}