CVE-2010-5013

Mckenzie Creations VRM <3.5 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-5013. PoCs published by Sid3^effects.

AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in Virtual Real Estate Manager V 3.5. The vulnerability is located in the 'Lid' parameter of the 'listing_detail.asp' page, allowing attackers to inject malicious SQL queries.

Description

SQL injection vulnerability in listing_detail.asp in Mckenzie Creations Virtual Real Estate Manager (VRM) 3.5 allows remote attackers to execute arbitrary SQL commands via the Lid parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Sid3^effects · textwebappsasp

https://www.exploit-db.com/exploits/13789

View Code ZIP pw:eip

This is a writeup describing a SQL injection vulnerability in Virtual Real Estate Manager V 3.5. The vulnerability is located in the 'Lid' parameter of the 'listing_detail.asp' page, allowing attackers to inject malicious SQL queries.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Theoretical

Target: Virtual Real Estate Manager V 3.5

No auth needed

Prerequisites: Access to the vulnerable 'listing_detail.asp' page

MITRE ATT&CK