CVE-2006-6807

Softwebs Nepal Ananda Real Estate <3.4 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the agent parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED

by ajann · textwebappsasp

https://www.exploit-db.com/exploits/3001

View Code ZIP pw:eip

exploitdb WORKING POC

webappsasp

https://www.exploit-db.com/exploits/15661

View on exploitdb

References (4)

[Vendor Advisory] http://secunia.com/advisories/23506

[Exploit] http://www.securityfocus.com/bid/21771

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3001

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/5179

Scores

EPSS 0.0185

EPSS Percentile 82.7%

Classification

Status draft

Affected Products (1)

softwebs_nepal/ananda_real_estate < 3.4

Timeline

Published Dec 28, 2006

Tracked Since Feb 18, 2026