CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-5840

Multiple SQL injection vulnerabilities in Abarcar Realty Portal allow remote attackers to execute arbitrary SQL commands via the (1) neid parameter to newsdetails.php, or the (2) slid parameter to slistl.php. NOTE: the cat vector is already covered by CVE-2006-2853. NOTE: the vendor has notified CVE that the current version only creates static pages, and that slistl.php/slid never existed in any version

Exploit prediction scoring system (EPSS) score

EPSS Score 0.016

EPSS Ranking 80.9%

CVSS Severity

CVSS v2 Score 7.5

References

http://attrition.org/pipermail/vim/2006-December/001190.html
http://s-a-p.ca/index.php?page=OurAdvisories&id=7
http://secunia.com/advisories/22792
http://securityreason.com/securityalert/1840
http://www.attrition.org/pipermail/vim/2006-December/001170.html
http://www.osvdb.org/30249
http://www.osvdb.org/30250
http://www.securityfocus.com/archive/1/450946/100/0/threaded
http://www.securityfocus.com/bid/20970
http://www.vupen.com/english/advisories/2006/4418
https://exchange.xforce.ibmcloud.com/vulnerabilities/30135
http://attrition.org/pipermail/vim/2006-December/001190.html
http://s-a-p.ca/index.php?page=OurAdvisories&id=7
http://secunia.com/advisories/22792
http://securityreason.com/securityalert/1840
http://www.attrition.org/pipermail/vim/2006-December/001170.html
http://www.osvdb.org/30249
http://www.osvdb.org/30250
http://www.securityfocus.com/archive/1/450946/100/0/threaded
http://www.securityfocus.com/bid/20970
http://www.vupen.com/english/advisories/2006/4418
https://exchange.xforce.ibmcloud.com/vulnerabilities/30135

Products affected by CVE-2006-5840

Abarcar » Abarcar Realty Portal » Version: 5.1.5

cpe:2.3:a:abarcar:abarcar_realty_portal:5.1.5
Abarcar » Abarcar Realty Portal » Version: 6.0.1

cpe:2.3:a:abarcar:abarcar_realty_portal:6.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-5840

Products

Pricing

Contact Us