SQL injection vulnerability in NetArt Media Real Estate Portal 1.2 allows remote attackers to execute arbitrary SQL commands via the ad_id parameter in the re_send_email module to index.php.
https://www.exploit-db.com/exploits/7208
https://exchange.xforce.ibmcloud.com/vulnerabilities/46808