cpe:/a:site2nite:real_estate_web CVE-2008-0771 2008-02-13T19:00:00.000-05:00 2017-08-07T21:29:43.073-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-02-14T13:24:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20080116 [Aria-Security.Net] Real Estate Web SQL Injection BID 27330 SECUNIA 28531 SREASON 3650 XF realestatewebsite-default-sql-injection(39734) Multiple SQL injection vulnerabilities in default.asp in Site2Nite allow remote attackers to execute arbitrary SQL commands via the (1) txtUserName and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information.