SQL Injection Vulnerability in NetArtMedia Real Estate Portal
CVE-2008-6042

Currently unrated

Key Information:

Vendor: Netartmedia
Status: Real Estate Portal
Vendor: CVE Published:; 3 February 2009

🔔 Create Netartmedia Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2008-6042?

The SQL injection vulnerability in the re_search module of NetArtMedia's Real Estate Portal 2.0 allows remote attackers to exploit the ad parameter in index.php to execute arbitrary SQL commands. This can lead to unauthorized access to sensitive data and potential compromise of the database. It's crucial for users of this software to apply necessary patches and follow security best practices to mitigate risks associated with this vulnerability.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2008-6042 - Proof of Concept

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45271

vdb-entryx_refsource_XF

http://secunia.com/advisories/31940

third-party-advisoryx_refsource_SECUNIA

https://www.exploit-db.com/exploits/6518

exploitx_refsource_EXPLOIT-DB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Feb 3, 2009
👾
Exploit known to exist
Feb 3, 2009
Vulnerability published
Feb 3, 2009
Vulnerability Reserved
Feb 2, 2009

CVE-2008-6042 Data

JSON