Joomla Hotel Booking System Component "r_type" SQL Injection

SECUNIA ADVISORY ID:
SA33215

VERIFY ADVISORY:
http://secunia.com/advisories/33215/

CRITICAL:
Moderately critical

IMPACT:
Manipulation of data

WHERE:
From remote

SOFTWARE:
Hotel Booking System 1.x (component for Joomla)
http://secunia.com/advisories/product/20848/

DESCRIPTION:
boom3rang has reported a vulnerability in the Hotel Booking System
component for Joomla, which can be exploited by malicious people to
conduct SQL injection attacks.

Input passed via the "r_type" parameter in index.php (when "option"
is set to "com_hbssearch" and "task" is set to "showhoteldetails") is
not properly sanitised before being used in SQL queries. This can be
exploited to manipulate SQL queries by injecting arbitrary SQL code.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.
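To make the description and the solution concrete, here is an added illustration, not the Hotel Booking System's real source (the advisory does not show the component's query): a hypothetical Joomla 1.5 "showhoteldetails" task that pastes "r_type" into its SQL text, followed by the same task rewritten to filter the parameter at the edge and quote it through the database driver. Table, column and room-type values are assumed.

```php
<?php
// Added example, not the com_hbssearch component's own code: a hypothetical
// Joomla 1.5 "showhoteldetails" task. Table and column names are assumed.

// UNSAFE: the request value is concatenated into the SQL text, so whatever
// the client sends in r_type becomes part of the query itself. This is the
// defect class the advisory describes.
function showHotelDetailsUnsafe()
{
    $db     = JFactory::getDBO();
    $r_type = $_REQUEST['r_type'];                       // untrusted, unfiltered
    $db->setQuery("SELECT * FROM #__hbs_rooms WHERE r_type = '" . $r_type . "'");
    return $db->loadObjectList();
}

// HARDENED: filter on the way in, then let the driver quote the value so it
// can only ever be compared as data, never parsed as SQL.
function showHotelDetailsSafe()
{
    $db = JFactory::getDBO();

    // In this assumed schema a room type is a short keyword, so JRequest's
    // WORD filter strips everything except letters and underscores, and an
    // allow-list rejects anything the application does not know about.
    $allowed = array('single', 'double', 'suite');       // assumed values
    $r_type  = JRequest::getWord('r_type', '');
    if (!in_array($r_type, $allowed, true)) {
        return array();                                  // unknown type: run no query
    }

    // Quote() escapes the value with the DB driver and wraps it in quotes,
    // so a delimiter inside the input cannot terminate the string literal.
    $query = 'SELECT * FROM #__hbs_rooms WHERE '
           . $db->nameQuote('r_type') . ' = ' . $db->Quote($r_type);
    $db->setQuery($query);
    return $db->loadObjectList();
}
```

If "r_type" is a numeric id in the real schema, JRequest::getInt() is the tighter choice: non-integer input collapses to 0 and never reaches the query.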

PROVIDED AND/OR DISCOVERED BY:
boom3rang

ORIGINAL ADVISORY:
http://milw0rm.com/exploits/7538
