Vulnerabilities > CVE-2006-6807 - SQL Injection vulnerability in Ananda Real Estate List.ASP

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
softwebs-nepal
exploit available

Summary

SQL injection vulnerability in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the agent parameter.

Vulnerable Configurations

Part Description Count
Application
Softwebs_Nepal
1

Exploit-Db

  • descriptionAnanda Real Estate <= 3.4 (agent) Remote SQL Injection Vulnerability. CVE-2006-6807,CVE-2010-4782. Webapps exploit for asp platform
    fileexploits/asp/webapps/3001.txt
    idEDB-ID:3001
    last seen2016-01-31
    modified2006-12-24
    platformasp
    port
    published2006-12-24
    reporterajann
    sourcehttps://www.exploit-db.com/download/3001/
    titleAnanda Real Estate <= 3.4 agent Remote SQL Injection Vulnerability
    typewebapps
  • descriptionAnanda Real Estate 3.4 (list.asp) Multiple SQL Injection. CVE-2006-6807,CVE-2010-4782. Webapps exploit for asp platform
    fileexploits/asp/webapps/15661.txt
    idEDB-ID:15661
    last seen2016-02-01
    modified2010-12-02
    platformasp
    port
    published2010-12-02
    reporterunderground-stockholm.com
    sourcehttps://www.exploit-db.com/download/15661/
    titleAnanda Real Estate 3.4 list.asp Multiple SQL Injection
    typewebapps