klf-realty [injection sql]

2006-11-22T00:00:00
ID SECURITYVULNS:DOC:15175
Type securityvulns
Reporter Securityvulns
Modified 2006-11-22T00:00:00

Description

vendor site:http://klf-design.com/ product :klf-realty bug:injection sql risk : medium

injection sql : /search_listing.asp?category='[sql] /detail.asp?property_id='[sql] /search_listing.asp?agent='[sql]

laurent gaffie & benjamin mosse http://s-a-p.ca/ contact: saps.audit@gmail.com