Vulnerabilities > Tourismscripts
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-01-18 | CVE-2009-4618 | SQL Injection vulnerability in Tourismscripts BUS Script Multiple SQL injection vulnerabilities in Tourism Script Bus Script allow remote attackers to execute arbitrary SQL commands via the sitetext_id parameter to (1) aboutus.php and (2) faq.php. | 7.5 |
2010-01-18 | CVE-2009-4617 | SQL Injection vulnerability in Tourismscripts Tourism Script Accomodation Hotel Booking Portal Script Multiple SQL injection vulnerabilities in Tourism Script Accommodation Hotel Booking Portal Script allow remote attackers to execute arbitrary SQL commands via the hotel_id parameter to (1) hotel.php, (2) details.php, (3) roomtypes.php, (4) photos.php, (5) map.php, (6) weather.php, (7) reviews.php, and (8) book.php. | 7.5 |
2009-09-24 | CVE-2009-3358 | SQL Injection vulnerability in Tourismscripts Adult Portal Escort Listing SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | 7.5 |