Vulnerabilities

CVE-2009-4386

by Fred · 22/12/2009

SQL injection vulnerability in hotel_tiempolibre_ext.php in Venalsur Booking Centre Booking System for Hotels Group, when magic_quotes_gpc is enabled, allows remote attackers to execute arbitrary SQL commands via the NoticiaID parameter and other unspecified vectors.

Date published : 2009-12-22

http://www.securityfocus.com/archive/1/508429/100/0/threaded

http://www.exploit-db.com/exploits/10393

Similar

Tags: Cybersecurity Alert