Published: 11/06/2014 Updated: 12/08/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in booking_details.php in Best Soft Inc. (BSI) Advance Hotel Booking System 2.0 allows remote malicious users to inject arbitrary web script or HTML via the title parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
bestsoftinc advance hotel booking system 2.0

# Exploit Title:BSI Advance Hotel Booking System Persistent XSS # Google Dork: intext:Hotel Booking System v20 © 2008 - 2012 Copyright Best Soft Inc # Date: Wed Jun 4 2014 # Exploit Author: Angelo Ruwantha # Vendor Homepage: wwwbestsoftinccom # Software Link: wwwbestsoftinccom/php-advance-hotel-booking-systemhtml # Version: V2 ...

BSI Advance Hotel Booking System version 20 suffers from a persistent cross site scripting vulnerability in booking_detailsphp ...

CWE-79 http://packetstormsecurity.com/files/126949/BSI-Advance-Hotel-Booking-System-2.0-Cross-Site-Scripting.html http://www.securityfocus.com/bid/67914 http://packetstormsecurity.com/files/154024/BSI-Advance-Hotel-Booking-System-2.0-Cross-Site-Scripting.html https://nvd.nist.gov https://www.exploit-db.com/exploits/47219

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-4035

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect