2008-09-24 14:00:00
mitre
PUBLISHED
SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation System (HRS) allows remote attackers to execute arbitrary SQL commands via the city parameter.