2 matches found
CVE-2006-5955
Affected software: 20/20 DataShed (Real Estate Listing System). Vulnerable component: listings.asp (CVE-2006-5955) with vulnerability exposed via the itemID parameter, enabling SQL commands to be executed remotely. Related entry CVE-2006-6067 documents additional vectors (itemID to f-email.asp an...
CVE-2006-6067
CVE-2006-6067 describes SQL injection vulnerabilities in 20/20 DataShed (Real Estate Listing System). The affected components are listings.asp (itemID parameter) and f-email.asp (itemID) or listings.asp (peopleID and sort_order). Root cause is SQL command execution via these parameters, with vect...