Unrated severityNVD Advisory· Published Sep 30, 2009· Updated Jun 16, 2026
CVE-2009-3497
CVE-2009-3497
Description
SQL injection vulnerability in view_listing.php in Vastal I-Tech Agent Zone (aka The Real Estate Script) allows remote attackers to execute arbitrary SQL commands via the id parameter.
Affected products
2cpe:2.3:a:vastal:agent_zone:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vastal:agent_zone:*:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
2- www.packetstormsecurity.org/0909-exploits/realestaterealtors-sql.txtnvdExploit
- secunia.com/advisories/36812nvdVendor Advisory
News mentions
0No linked articles in our index yet.