Security Advisory

CVE-2009-4617

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-01-18 20:00:00

Last updated 2024-08-07 07:08:38

Assigner mitre

State PUBLISHED

Description

Multiple SQL injection vulnerabilities in Tourism Script Accommodation Hotel Booking Portal Script allow remote attackers to execute arbitrary SQL commands via the hotel_id parameter to (1) hotel.php, (2) details.php, (3) roomtypes.php, (4) photos.php, (5) map.php, (6) weather.php, (7) reviews.php, and (8) book.php.

← Browse all CVEs View on cve.org ↗