Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5874

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-5874
Last Modified 10 Jul 2009 01:28:30
Published 08 Jan 2009 02:30:11
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5874

Summary

Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels module. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Joomlahbs Com 5starhotels Nil

  • Joomlahbs Com Allhotels Nil

  • Joomlahbs Hotel Booking Reservation System Nil


References

BID - 32952

MILW0RM - 7575

MILW0RM - 7568

MISC - http://downloads.securityfocus.com/vulnerabilities/exploits/32952.pl


Last Updated: 27 May 2016 10:48:58