cpe:/a:joomlahbs:com_tophotelmodule:1.0.0 cpe:/a:joomlahbs:hotel_booking_reservation_system:1.0.0 CVE-2008-5864 2009-01-06T12:30:00.640-05:00 2017-09-28T21:32:50.790-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-01-07T11:38:00.000-05:00 ALLOWS_OTHER_ACCESS BID 32952 SREASON 4871 EXPLOIT-DB 7539 XF tophotel-index-sql-injection(47540) SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.