cpe:/a:softacid:hotel_reservation_system CVE-2008-4204 2008-09-24T10:56:52.647-04:00 2017-09-28T21:32:03.070-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-09-25T09:24:00.000-04:00 ALLOWS_OTHER_ACCESS BID 31211 SREASON 4308 EXPLOIT-DB 6470 XF hrs-city-sql-injection(45190) SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation System (HRS) allows remote attackers to execute arbitrary SQL commands via the city parameter.