Intrusion Prevention

NuRealestate.Propertysdetails.ASP.SQL.Injection

Description

It indicates a possible exploit of a SQL injection vulnerability in propertysdetails.asp in Dynamic Dataworx NuRealestate (NuRems), that may allow remote attackers to execute arbitrary SQL commands via the PropID parameter.

Affected Products

Dynamic Data Worx NuRealestate 1.0

Impact

System compromise.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

CVE References

CVE-2006-5886