SQL injection vulnerability in hotel_tiempolibre_ext.php in Venalsur Booking Centre Booking System for Hotels Group, when magic_quotes_gpc is enabled, allows remote malicious users to execute arbitrary SQL commands via the NoticiaID parameter and other unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bookingcentre booking system for hotels group - |