CVE-2010-4273

Description

SQL injection vulnerability in imoveis.php in DescargarVista ACC IMoveis 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected products

• accimoveis / descargarvista_acc_imoveis1.1 – 1.1

References

• EXPLOIThttp://packetstormsecurity.org/1010-exploits/accimoveis-sql.txt
• MISChttp://www.securityfocus.com/bid/44481
• EXPLOIThttp://www.exploit-db.com/exploits/15338
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/62843