vendor:
SG Real Estate Portal
by:
Stack
7.5
CVSS
HIGH
Insecure Cookie Handling
614
CWE
Product Name: SG Real Estate Portal
Affected Version From: 2
Affected Version To: 2
Patch Exists: YES
Related CWE: CVE-2008-4456
CPE: a:sg_real_estate_portal:sg_real_estate_portal:2.0
Metasploit:
https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2009-1289/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0110/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2009-1461/, https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2008-4456/, https://www.rapid7.com/db/vulnerabilities/apple-osx-mysql-cve-2008-4456/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2008-4456/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2008-4456/
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2008
SG Real Estate Portal 2.0 Insecure Cookie Handling Vulnerability
SG Real Estate Portal 2.0 is prone to an insecure cookie handling vulnerability. This issue is due to a failure in the application to properly validate user-supplied input. An attacker can exploit this issue to gain unauthorized access to the application.
Mitigation:
No known mitigation
