Exploit h27

Published on March 23rd, 2019 📆 | 2461 Views ⚑


uHotelBooking System SQL Injection


uHotelBooking System suffers from a remote SQL injection vulnerability.

MD5 | 1032cc0d2c76fb311dde4a98ae107feb


# Exploit Title: uHotelBooking System - 'system_page' SQL Injection
# Date: 21.03.2019
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage: https://www.hotel-booking-script.com
# Demo Site: https://www.hotel-booking-script.com/demo/
# Version: Lastest
# Tested on: Kali Linux
# CVE: N/A
# Description: uHotelBooking is a powerful hotel management and online
booking/reservation site script.

----- PoC: SQLi -----

Request: http://localhost/[PATH]/index.php
Vulnerable Parameter: system_page (GET)
Attack Pattern:



Free Download WordPress Themes
Premium WordPress Themes Download
Download Best WordPress Themes Free Download
Download WordPress Themes Free
free download udemy course

Tagged with:

Leave a Reply

Back to Top ↑