VULHUB ™

Joomla! Hotel Booking Reservation System(又称HBS或com_hbssearch)组件中存在多个SQL注入漏洞。远程攻击者可以借助提交到longDesc.php的(1)h_id,(2)id和(3)rid参数和到(4)detail.php,(5)detail1.php,(6)detail2.php,(7)detail3.php,(8)detail4.php,(9)detail5.php,(10) detail6.php,(11)detail7.php和(12)detail8.php的h_id参数，执行任意的SQL指令。

Joomla! Hotel Booking Reservation System(又称HBS或com_hbssearch)组件中存在多个SQL注入漏洞。远程攻击者可以借助提交到longDesc.php的(1)h_id,(2)id和(3)rid参数和到(4)detail.php,(5)detail1.php,(6)detail2.php,(7)detail3.php,(8)detail4.php,(9)detail5.php,(10) detail6.php,(11)detail7.php和(12)detail8.php的h_id参数，执行任意的SQL指令。