Many well-known hotel chains, high-end brand hotels there are serious security vulnerabilities, massive open room information stored in the disclosure risk-vulnerability warning-the black bar safety net

2015-02-13T00:00:00
ID MYHACK58:62201559072
Type myhack58
Reporter 佚名
Modified 2015-02-13T00:00:00

Description

Well-known Inn orange, Jinjiang Inn, the super eight, pudding; high-end hotel the MARRIOTT Hotel Group, MARRIOTT, Ritz Carlton, Starwood group, Sheraton, Le Meridien, W Hotels, Intercontinental Hotel Group, Holiday Inn, etc there is a serious security breach, the tenant Open House information at a glance, also on the property order to modify and cancellation.

Starwood Hotel Group

!

Starwood is the world's largest hotel and leisure group, its hotel of high-end luxury renowned,and has an industry–leading and award-winning loyalty program-SPG Preferred Guest members can earn points and redeem into the room accommodation, room upgrades and flights, with no blackout dates.

!

The Group's brands include St. Regis St. Regis, the Luxury Collection The Luxury Collection, W Hotel, W Hotels, and Le Meridien Le Meridien, The Westin, the Sheraton Sheraton, the Aloft(Aloft), the source and sink(Element, and Four Points(Four Points).

Vulnerability description:

According to the vulnerability box white hats reports showed the vulnerability is located in the Starwood Group's official website, through this vulnerability hackers can be order detail query, get a lot of order information, order details including name, arrival date, room charge, credit card last four digits of the credit card expiration date, mail, address, etc.

[1] [2] [3] [4] [5] [6] [7] [8] next