cpe:/a:therealestatescript:the_real_estate_script CVE-2008-2443 2008-05-27T10:32:00.000-04:00 2017-09-28T21:31:10.147-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-05-27T11:05:00.000-04:00 ALLOWS_OTHER_ACCESS BID 29200 SECUNIA 30244 EXPLOIT-DB 5610 VUPEN ADV-2008-1524 XF therealestatescript-docid-sql-injection(42399) SQL injection vulnerability in dpage.php in The Real Estate Script allows remote attackers to execute arbitrary SQL commands via the docID parameter.