SQL injection vulnerability in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the agent parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ananda_real_estate | Softwebs_nepal | * | 3.4 (including) |
References
- http://secunia.com/advisories/23506
- http://www.securityfocus.com/bid/21771
- http://www.vupen.com/english/advisories/2006/5179
- https://www.exploit-db.com/exploits/3001
- http://secunia.com/advisories/23506
- http://www.securityfocus.com/bid/21771
- http://www.vupen.com/english/advisories/2006/5179
- https://www.exploit-db.com/exploits/3001