cpe:/a:vastal:agent_zone CVE-2008-3951 2008-09-10T21:13:47.383-04:00 2017-09-28T21:31:55.163-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-09-11T14:52:00.000-04:00 ALLOWS_OTHER_ACCESS BID 31032 SREASON 4230 EXPLOIT-DB 6371 XF agentzone-viewann-sql-injection(44945) SQL injection vulnerability in view_ann.php in Vastal I-Tech Agent Zone (aka The Real Estate Script) allows remote attackers to execute arbitrary SQL commands via the ann_id parameter.