CVE-2009-4617

2010-01-18T15:30:00
ID CVE-2009-4617
Type cve
Reporter NVD
Modified 2017-09-18T21:30:00

Description

Multiple SQL injection vulnerabilities in Tourism Script Accommodation Hotel Booking Portal Script allow remote attackers to execute arbitrary SQL commands via the hotel_id parameter to (1) hotel.php, (2) details.php, (3) roomtypes.php, (4) photos.php, (5) map.php, (6) weather.php, (7) reviews.php, and (8) book.php.