CVE-2006-6067

CVE-2006-6067 describes SQL injection vulnerabilities in 20/20 DataShed (Real Estate Listing System). The affected components are listings.asp (itemID parameter) and f-email.asp (itemID) or listings.asp (peopleID and sort_order). Root cause is SQL command execution via these parameters, with vect...