This software comes with an admin panel form where you can check the number of listing and do the options like edit/delete. Admin can set email setting form the admin panel. Upload information of your travel country wise. Admin can upload hotel and travel details for each country like hotel photo, rates, hotel location, hotel facilities from admin panel so that visitors to the website can see all these when they log on to website. The vulnerability is a SQLi vulnerability and the demo URL is http://server/traveldemo/tour_packages.asp?country=[sqli], http://server/traveldemo/hoteldetails.asp?id=[sqli], http://server/traveldemo/tourdetails.asp?id=[sqli], http://server/traveldemo/viewnews.asp?id=[sqli].