Vulnerability Details CVE-2008-3266
SQL injection vulnerability in picture_pic_bv.asp in SoftAcid Hotel Reservation System (HRS) Multi allows remote attackers to execute arbitrary SQL commands via the key parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/31170
- http://securityreason.com/securityalert/4028
- http://www.securityfocus.com/bid/30316
- http://www.vupen.com/english/advisories/2008/2154/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43947
- https://www.exploit-db.com/exploits/6105
- http://secunia.com/advisories/31170
- http://securityreason.com/securityalert/4028
- http://www.securityfocus.com/bid/30316
- http://www.vupen.com/english/advisories/2008/2154/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43947
- https://www.exploit-db.com/exploits/6105
Products affected by CVE-2008-3266
-
cpe:2.3:a:softacid:hotel_reservation_system_multi:*