CVE-2008-5865

2009-01-0617:00:00

mitre

www.cve.org

8.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.6%

JSON

SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.

References

secunia.com/advisories/33215

securityreason.com/securityalert/4870

www.securityfocus.com/bid/32951

exchange.xforce.ibmcloud.com/vulnerabilities/47539

www.exploit-db.com/exploits/7538