Whomp · Whomp Real Estate Manager Xp · CVE-2006-0624
**Name of the Vulnerable Software and Affected Versions**
Whomp Real Estate Manager XP version 2005
**Description**
The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `username` and `password` parameters in the "check.asp" endpoint.
**Recommendations**
For Whomp Real Estate Manager XP version 2005, consider restricting access to the check.asp endpoint until a fix is available. As a temporary workaround, avoid using the `username` and `password` parameters in this endpoint to minimize the risk of exploitation.