Unrated severityNVD Advisory· Published Nov 10, 2006· Updated Jun 16, 2026

CVE-2006-5840

Description

Multiple SQL injection vulnerabilities in Abarcar Realty Portal allow remote attackers to execute arbitrary SQL commands via the (1) neid parameter to newsdetails.php, or the (2) slid parameter to slistl.php. NOTE: the cat vector is already covered by CVE-2006-2853. NOTE: the vendor has notified CVE that the current version only creates static pages, and that slistl.php/slid never existed in any version

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Abarcar/Abarcar Realty Portal3 versions
cpe:2.3:a:abarcar:abarcar_realty_portal:5.1.5:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:abarcar:abarcar_realty_portal:5.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:abarcar:abarcar_realty_portal:6.0.1:*:*:*:*:*:*:*
- (no CPE)

Patches

Vulnerability mechanics

References

www.securityfocus.com/bid/20970nvdExploitPatch
secunia.com/advisories/22792nvdVendor Advisory
securityreason.com/securityalert/1840nvdThird Party Advisory
www.securityfocus.com/archive/1/450946/100/0/threadednvdThird Party Advisory
www.vupen.com/english/advisories/2006/4418nvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/30135nvdThird Party Advisory
attrition.org/pipermail/vim/2006-December/001190.htmlnvdMailing List
s-a-p.ca/index.phpnvdURL Repurposed
www.attrition.org/pipermail/vim/2006-December/001170.htmlnvdMailing List
www.osvdb.org/30249nvdBroken Link
www.osvdb.org/30250nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000