Lucene search

K
cvelistMitreCVELIST:CVE-2021-37832
HistoryAug 03, 2021 - 12:30 p.m.

CVE-2021-37832

2021-08-0312:30:57
mitre
www.cve.org
3
sql injection
hotel druid
version 3.0.2
sqlite
application database
malicious attacker
sql commands
vulnerable parameter

EPSS

0.002

Percentile

55.6%

A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. A malicious attacker can issue SQL commands to the SQLite database through the vulnerable idappartamenti parameter.