cpe:/a:preprojects:pre_real_estate_listings CVE-2008-6798 2009-05-07T14:30:00.203-04:00 2017-09-28T21:33:20.840-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-05-08T08:34:00.000-04:00 BID 32134 EXPLOIT-DB 7094 VUPEN ADV-2008-3121 Multiple SQL injection vulnerabilities in login.php in Pre Projects Pre Real Estate Listings allow remote attackers to execute arbitrary SQL commands via (1) the us parameter (aka the Username field) or (2) the ps parameter (aka the Password field).