396 matches found
Hotel Druid 3.0.2 - Cross-Site Scripting
Hotel Druid 3.0.2 contains a cross-site scripting vulnerability in multiple pages which allows for arbitrary execution of JavaScript commands. id: CVE-2021-37833 info: name: Hotel Druid 3.0.2 - Cross-Site Scripting author: pikpikcu,s4e-io severity: medium description: Hotel Druid 3.0.2 contains a...
Hoteldruid v3.0.5 - SQL Injection
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the nutenteagg parameter at /hoteldruid/interconnessioni.php. id: CVE-2023-43373 info: name: Hoteldruid v3.0.5 - SQL Injection author: ritikchaddha severity: critical description: | Hoteldruid v3.0.5 was discovered to...
Hoteldruid v3.0.5 - SQL Injection
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the idutentelog parameter at /hoteldruid/personalizza.php. id: CVE-2023-43374 info: name: Hoteldruid v3.0.5 - SQL Injection author: ritikchaddha severity: critical description: | Hoteldruid v3.0.5 was discovered to...
Hoteldruid 3.0.5 - Cross-Site Scripting
A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data. id: CVE-2023-34537 info: name: Hoteldruid 3.0.5 - Cross-Site Scripting author: Harsh severity: medium...
HotelDruid 2.3.0 - Cross-Site Scripting
HotelDruid 2.3.0 contains a cross-site scripting vulnerability affecting nsextt, cambia1, mesefine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizzatabelle.php. id: CVE-2019-8937 info: name: HotelDruid 2.3.0 - Cross-Site Scripting author: LogicalHunte...
CVE-2023-43375
Hoteldruid v3.0.5 was discovered to contain multiple SQL injection vulnerabilities at /hoteldruid/clienti.php via the annonascita, annoscaddoc, giornonascita, giornoscaddoc, linguacli, mesenascita, and mesescaddoc parameters...
CVE-2023-43371
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php...
CVE-2023-43376
A cross-site scripting XSS vulnerability in /hoteldruid/clienti.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the nometipotariffa1 parameter...
CVE-2022-26564
HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting XSS vulnerability via the prezzoperiodo4 parameter in creaprezzi.php...
CVE-2025-55816
HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...
Linux Distros Unpatched Vulnerability : CVE-2025-55816
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file. CVE-2025-55816 Note that Nessus relies on the presence of t...
CVE-2025-55816
HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...
DEBIAN-CVE-2025-55816
HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...
CVE-2025-55816
HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...
Hoteldruid 安全漏洞
Hoteldruid is a free and open source hotel management program from Hoteldruid. A security vulnerability exists in Hoteldruid 3.0.7 and earlier versions, which stems from the /modificaapp.php file being vulnerable to cross-site scripting attacks...
CVE-2025-55816
HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...
CVE-2025-55816
HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...
EUVD-2025-202878
HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...
CVE-2025-55816
HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...
CVE-2025-55816
CVE-2025-55816 affects HotelDruid, specifically v3.0.7 and earlier. The vulnerability is a Cross Site Scripting (XSS) flaw in the /modifica_app.php (also cited as /modifica app.php in some docs) file. Root cause details are not fully enumerated across the provided documents, but multiple sources ...