10 matches found
Online Airline Booking System - Multiple Vulnerabilities
Online Airline Booking System - Multiple Vulnerabilities Exploit Title : Online Airline Booking System multiple vulnerabilities Author : WICS Date : 05/1/2016 Software Link : http://sourceforge.net/projects/oabs/ Affected Version: All Overview: The Online Airline Booking System is designed to be ...
Online Airline Booking System - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title : Online Airline Booking System multiple vulnerabilities Author : WICS Date : 05/1/2016 Software Link : http://sourceforge.net/projects/oabs/ Affected Version: All Overview: The Online Airline Booking System is designed to be an...
Online Airline Booking System - Multiple Vulnerabilities
Exploit Title : Online Airline Booking System multiple vulnerabilities Author : WICS Date : 05/1/2016 Software Link : http://sourceforge.net/projects/oabs/ Affected Version: All Overview: The Online Airline Booking System is designed to be an all in one solution for an airline wishing to speed up...
Vulnerability in Datalex airline booking software
Datalex airline booking software is a suite of software from Datalex Ireland that automatically connects to airline bookings. A security vulnerability exists in Datalex airline booking software updated prior to date 2015-09-03. A remote attacker can exploit the vulnerability to read or access...
CVE-2015-2858
Datalex airline booking software before 2015-09-03 allows remote attackers to read or write to arbitrary user data via a modified profileId parameter to 1 ValidateFormAction.do or 2 ProfileConfirmEditAddressAction.do...
Code injection
Datalex airline booking software before 2015-09-03 allows remote attackers to read or write to arbitrary user data via a modified profileId parameter to 1 ValidateFormAction.do or 2 ProfileConfirmEditAddressAction.do...
CVE-2015-2858
Datalex airline booking software before 2015-09-03 allows remote attackers to read or write to arbitrary user data via a modified profileId parameter to 1 ValidateFormAction.do or 2 ProfileConfirmEditAddressAction.do...
CVE-2015-2858
The CVE-2015-2858 issue affects the Datalex airline booking software (pre-2015-09-03) and stems from an authorization-check bypass in how the application processes the profileId parameter. By modifying profileId in POST requests to ValidateFormAction.do or ProfileConfirmEditAddressAction.do, an a...
Datalex airline booking software allowed authorization bypass for arbitrary users
Overview Datalex provides a suite of software offerings for the airline industry which supports a customizable flight browsing, booking, payment, and analytics. The Datalex airline booking software contained an error in its error handling routines which allows authorization bypass and loss of...
Online Airline Booking System Authentication Bypass
Exploit Title : Online Airline Booking System multiple vulnerabilities Author : WICS Date : 05/1/2016 Software Link : http://sourceforge.net/projects/oabs/ Affected Version: All Overview: The Online Airline Booking System is designed to be an all in one solution for an airline wishing to speed up...