VYPR

Com Hbssearch

by Joomlahbs

CVEs (3)

  • CVE-2009-3368Sep 24, 2009
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the Hotel Booking Reservation System (aka HBS or com_hbssearch) component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the adult parameter in a showhoteldetails action to index.php.

  • CVE-2009-3357Sep 24, 2009
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS or com_hbssearch) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) h_id, (2) id, and (3) rid parameters to longDesc.php, and the h_id parameter to…

  • CVE-2008-5865Jan 6, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.