SQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote malicious users to execute arbitrary SQL commands via the file parameter.
mole group hotel script 1.0