CVE-2006-5886 | Vulnerability Database | Aqua Security

SQL injection vulnerability in propertysdetails.asp in Dynamic Dataworx NuRealestate (NuRems) 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the PropID parameter.

Affected Software

Name	Vendor	Start Version	End Version
Nurealestate	Dynamic_dataworx	1.0 (including)	1.0 (including)

References

http://secunia.com/advisories/22828
http://securityreason.com/securityalert/1850
http://www.securityfocus.com/archive/1/451331/100/0/threaded
http://www.securityfocus.com/bid/21017
http://www.vupen.com/english/advisories/2006/4469
https://exchange.xforce.ibmcloud.com/vulnerabilities/30194
https://www.exploit-db.com/exploits/2755
http://secunia.com/advisories/22828
http://securityreason.com/securityalert/1850
http://www.securityfocus.com/archive/1/451331/100/0/threaded
http://www.securityfocus.com/bid/21017
http://www.vupen.com/english/advisories/2006/4469
https://exchange.xforce.ibmcloud.com/vulnerabilities/30194
https://www.exploit-db.com/exploits/2755

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-5886
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html