Tourismscripts » Tourism Script Accomodation Hotel Booking Portal Script : Security Vulnerabilities, CVEs,
Multiple SQL injection vulnerabilities in Tourism Script Accommodation Hotel Booking Portal Script allow remote attackers to execute arbitrary SQL commands via the hotel_id parameter to (1) hotel.php, (2) details.php, (3) roomtypes.php, (4) photos.php, (5) map.php, (6) weather.php, (7) reviews.php, and (8) book.php.
Max CVSS
7.5
EPSS Score
0.09%
Published
2010-01-18
Updated
2017-09-19
1 vulnerabilities found