SQL injection vulnerability in default.asp in Dora Emlak 1.0, when the goster parameter is set to emlakdetay, allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
https://exchange.xforce.ibmcloud.com/vulnerabilities/35555
http://www.vupen.com/english/advisories/2007/2605