SQL Injection Vulnerability in ApPHP Hotel Site 3.x.x: Remote Code Execution via pid Parameter

SQL Injection Vulnerability in ApPHP Hotel Site 3.x.x: Remote Code Execution via pid Parameter

CVE-2015-4713 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php.

Learn more about our Web Application Penetration Testing UK.