Virtual Real Estate Manager 3.5 SQL Injection

` ======================================================  
Virtual Real Estate Manager V 3.5 SQLi Vulnerability  
======================================================  
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0  
0 _ __ __ __ 1  
1 /' \ __ /'__`\ /\ \__ /'__`\ 0  
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1  
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0  
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1  
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0  
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1  
1 \ \____/ >> Exploit database separated by exploit 0  
0 \/___/ type (local, remote, DoS, etc.) 1  
1 1  
0 [+] Site : Inj3ct0r.com 0  
1 [+] Support e-mail : submit[at]inj3ct0r.com 1  
0 0  
1 ########################################## 1  
0 I'm Sid3^effects member from Inj3ct0r Team 1  
1 ########################################## 0  
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1  
  
Name : Virtual Real Estate Manager V 3.5 SQLi Vulnerability  
Date : june, 9 2010  
Vendor url :http://www.mckenziecreations.net/products.htm  
Platform: Windows  
Price:$39.95  
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>  
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,gunslinger_  
greetz to :All ICW members.  
  
###############################################################################################################  
Description:  
  
Looking for a Real Estate Listing script? Our Virtual Real Estate Manager was developed in ASP ( Active Server Pages ) and an Access database. End User Features : » Search by Area and type of property » Listings Page includes thumbnail of the property, Short Description, city, date added and price. » Details Page includes - 4 thumbnails that open in a new window with larger view. Heading, Description of the property, Details of the property, email to a friend and request more info. Admin Features : » Add, Edit and Delete Properties - upload images » Add, Edit and Delete Categories » Add, Edit and Delete Area » Change Password VRM : Is delivered via a ZIP file. You receive this exact template with the application. Easy to customize with knowledge of html or one of the following: Design Requirements : Front page - Recommended * Macromedia Dreamweaver Configuration Requirements: Notepad WordPad   
  
###############################################################################################################  
  
Xploit: SQLi Vulnerability  
  
DEMO URL:  
  
http://www.mckenziecreations.net/VRMdemo/listing_detail.asp?Lid=[SQLi]  
  
  
###############################################################################################################  
# 0day no more   
# Sid3^effects   
`