Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5874


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-5874
Last Modified 10 Jul 2009 01:28:30
Published 08 Jan 2009 02:30:11
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels module. NOTE: some of these details are obtained from third party information.

Vulnerable Systems


  • Joomlahbs Com 5starhotels Nil

  • Joomlahbs Com Allhotels Nil

  • Joomlahbs Hotel Booking Reservation System Nil


BID - 32952

MILW0RM - 7575

MILW0RM - 7568


Last Updated: 27 May 2016 10:48:58