Tourismscripts : Security Vulnerabilities, CVEs,
Multiple SQL injection vulnerabilities in Tourism Script Bus Script allow remote attackers to execute arbitrary SQL commands via the sitetext_id parameter to (1) aboutus.php and (2) faq.php.
Max CVSS
7.5
EPSS Score
0.11%
Published
2010-01-18
Updated
2017-09-19
Multiple SQL injection vulnerabilities in Tourism Script Accommodation Hotel Booking Portal Script allow remote attackers to execute arbitrary SQL commands via the hotel_id parameter to (1) hotel.php, (2) details.php, (3) roomtypes.php, (4) photos.php, (5) map.php, (6) weather.php, (7) reviews.php, and (8) book.php.
Max CVSS
7.5
EPSS Score
0.09%
Published
2010-01-18
Updated
2017-09-19
SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
Max CVSS
7.5
EPSS Score
0.11%
Published
2009-09-24
Updated
2017-09-19
3 vulnerabilities found