MYRE Real Estate Software Multiple XSS and SQL Injection Vulnerabilities

SecPod Research Team member (Sooraj K.S) has found Multiple XSS and SQL Injection Vulnerabilities in MYRE Real Estate Software. The vulnerability is caused by improper validation of various parameters in several pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

More information on the flaws can be found here.

CVE Info : CVE-2011-3393 , CVE-2011-3394

Welcome any feedback or suggestion.

Cheers!
SecPod Research Team

Subscribe For More Posts Like This

Get the latest research, best practices, industry trends and cybersecurity blogs from SecPod security experts

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
0 0 votes
Article Rating
Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments