2 matches found
Sql injection
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System aka HBS or comhbssearch component for Joomla! allow remote attackers to execute arbitrary SQL commands via the 1 hid, 2 id, and 3 rid parameters to longDesc.php, and the hid parameter to 4 detail.php, 5 detail1.php, 6...
CVE-2008-5874
CVE-2008-5874 relates to multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (Joomla! HBS) via the id parameter in showhoteldetails for modules (1) com_allhotels and (2) com_5starhotels. The underlying issue is unsafely constructed SQL in these components, enabling remo...