CVE-2008-7030

Site2Nite Real Estate Web - SQL Injection via Username or Password Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-7030. PoCs published by S@BUN.

AI-analyzed exploit summary This exploit demonstrates SQL injection vulnerabilities in Site2Nite Real Estate Web by providing proof-of-concept login credentials that bypass authentication. The payload manipulates SQL queries to return true conditions, allowing unauthorized access.

Description

Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect.

Exploits (1)

exploitdb WORKING POC VERIFIED
by S@BUN · textwebappsasp
https://www.exploit-db.com/exploits/31191

This exploit demonstrates SQL injection vulnerabilities in Site2Nite Real Estate Web by providing proof-of-concept login credentials that bypass authentication. The payload manipulates SQL queries to return true conditions, allowing unauthorized access.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Site2Nite Real Estate Web
No auth needed
Prerequisites: Access to the login interface of the vulnerable application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/51076
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/488070/100/200/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27779
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/40509

Scores

EPSS 0.0097
EPSS Percentile 57.3%

Details

CWE
CWE-89
Status published
Products (1)
site2nite/real_estate_web
Published Aug 24, 2009
Tracked Since Feb 18, 2026