Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13069
HistoryJun 10, 2006 - 12:00 a.m.

mole.com.ua Booking Script

2006-06-1000:00:00
vulners.com
9
JSON

Booking Script.

Homepage:
http://www.mole.com.ua

PError with full path disclosure and possible buffer overflow?:

http://www.example.com/week.php?year=2006&month=06&day=0'

Warning: checkdate() expects parameter 2 to be long, string given in
/home/httpd/vhosts/domain/subdomains/booking/httpdocs/week.php on line 26

The error msg above outputs continously in a loop, printing on the screen.

Another error message, due to timeout because the year variable was changed to an extremely high
number:

http://www.example.com/week.php?year=9000000&month=06&day=13&area=11&room=22

Fatal error: Maximum execution time of 30 seconds exceeded
in /home/httpd/vhosts/domain/subdomains/booking/httpdocs/week.php on line 26

JSON