SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental (VRBO) Listings allows remote attackers to execute arbitrary SQL commands via the ID parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/62956
http://www.securityfocus.com/bid/44619
http://secunia.com/advisories/42087
http://packetstormsecurity.org/1011-exploits/site2nitevr-sql.txt