CVE-2006-6342

KLF-REALTY - SQL Injection via Category, Agent, or Property ID Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-6342. PoCs published by laurent gaffie.

AI-analyzed exploit summary The provided text describes SQL injection vulnerabilities in Klf-Realty software, with example URLs demonstrating how unsanitized input can be exploited. No actual exploit code is present, only a description and proof-of-concept URLs.

Description

Multiple SQL injection vulnerabilities in KLF-DESIGN (aka Kim L. Fraser) KLF-REALTY allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) agent parameters in (a) search_listing.asp, and the (3) property_id parameter in (b) detail.asp.

Exploits (2)

exploitdb WRITEUP VERIFIED
by laurent gaffie · textwebappsasp
https://www.exploit-db.com/exploits/29142

The provided text describes SQL injection vulnerabilities in Klf-Realty software, with example URLs demonstrating how unsanitized input can be exploited. No actual exploit code is present, only a description and proof-of-concept URLs.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Klf-Realty (version unspecified)
No auth needed
Prerequisites: Access to the vulnerable web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by laurent gaffie · textwebappsasp
https://www.exploit-db.com/exploits/29143

The provided text describes a SQL injection vulnerability in Klf-Realty software, where the 'property_id' parameter in 'detail.asp' is not properly sanitized. It includes a basic example URL for exploitation but lacks actual exploit code.

Classification
Writeup 80%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Klf-Realty (version not specified)
No auth needed
Prerequisites: Access to the vulnerable 'detail.asp' endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/452115/100/200/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21199
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30435
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/1976

Scores

EPSS 0.0099
EPSS Percentile 58.0%

Details

Status published
Products (1)
klf-design/klf-realty
Published Dec 07, 2006
Tracked Since Feb 18, 2026