Property Listing Script suffers from a remote blind SQL injection vulnerability.