cpe:/a:preprojects:pre_real_estate_listings CVE-2008-6796 2009-05-07T13:30:04.750-04:00 2017-09-28T21:33:20.793-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-05-07T14:07:00.000-04:00 BID 32134 EXPLOIT-DB 7008 VUPEN ADV-2008-3026 XF prerealestatelistings-login-sql-injection(46394) SQL injection vulnerability in manager/login.php in Pre Projects Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the username1 parameter (aka the Admin field or Username field).