CVE-2010-4814

Description

SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) Advance Hotel Booking System 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter.

Affected products

bestsoftinc / advance_hotel_booking_system1.0 – 1.0

References

MISChttp://www.securityfocus.com/bid/44854
EXPLOIThttp://www.exploit-db.com/exploits/15531
EXPLOIThttp://packetstormsecurity.org/files/view/95829/phpbsiahbs-sql.txt
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/63268