CVE-2008-5874

Published: 08/01/2009 Updated: 29/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 765

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote malicious users to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels module. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
joomlahbs com 5starhotels nil
joomlahbs com allhotels nil
joomlahbs hotel booking reservation system nil

#!/usr/bin/perl -w #Joomla com_5starhotels Sql injection# ######################################## #[~] Author : EcHoLL #[~] wwwwarezturkorg wwwtahribatcom #[~] Greetz : Black_label TURK Godlike Nitrous #[!] Module_Name: com_5starhotels #[!] Script_Name: Joomla #[!] Google_Dork: inurl:"com_5starhotels" ################################ ...

Joomla Component com_lowcosthotels (id) Blind SQL Injection Vulnerability ___________________________________ Author: Hussin X Home : wwwIQ-TYcom & wwwTrYaGcc ___________________________________ script : wwwjoomlahbscom/ DorK : inurl:indexphp?option=com_lowcosthotels Demo : _______ wwwleveltensolutionsnet/spa/ ...

Joomla Component com_allhotels (id) Blind SQL Injection Vulnerability ___________________________________ Author: Hussin X Home : wwwIQ-TYcom & wwwTrYaGcc ___________________________________ script : wwwjoomlahbscom/ & wwwleveltensolutionsnet/spa/ DorK : inurl:indexphp?option=com_allhotels Demo : _______ ...

CWE-89 http://www.securityfocus.com/bid/32952 http://downloads.securityfocus.com/vulnerabilities/exploits/32952.pl https://www.exploit-db.com/exploits/7575 https://www.exploit-db.com/exploits/7568 https://nvd.nist.gov https://www.exploit-db.com/exploits/7575/

CVE-2008-5874

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect