Lucene search
+L

396 matches found

Nuclei
Nuclei
added 15 hours ago189 views

Hotel Druid 3.0.2 - Cross-Site Scripting

Hotel Druid 3.0.2 contains a cross-site scripting vulnerability in multiple pages which allows for arbitrary execution of JavaScript commands. id: CVE-2021-37833 info: name: Hotel Druid 3.0.2 - Cross-Site Scripting author: pikpikcu,s4e-io severity: medium description: Hotel Druid 3.0.2 contains a...

6.1CVSS6.2AI score0.04878EPSS
Exploits1References3
Nuclei
Nuclei
added 15 hours ago71 views

Hoteldruid v3.0.5 - SQL Injection

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the nutenteagg parameter at /hoteldruid/interconnessioni.php. id: CVE-2023-43373 info: name: Hoteldruid v3.0.5 - SQL Injection author: ritikchaddha severity: critical description: | Hoteldruid v3.0.5 was discovered to...

9.8CVSS8.6AI score0.03753EPSS
Exploits1References2
Nuclei
Nuclei
added 15 hours ago71 views

Hoteldruid v3.0.5 - SQL Injection

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the idutentelog parameter at /hoteldruid/personalizza.php. id: CVE-2023-43374 info: name: Hoteldruid v3.0.5 - SQL Injection author: ritikchaddha severity: critical description: | Hoteldruid v3.0.5 was discovered to...

9.8CVSS8.6AI score0.03272EPSS
Exploits1References2
Nuclei
Nuclei
added 15 hours ago54 views

Hoteldruid 3.0.5 - Cross-Site Scripting

A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data. id: CVE-2023-34537 info: name: Hoteldruid 3.0.5 - Cross-Site Scripting author: Harsh severity: medium...

5.4CVSS5.5AI score0.0145EPSS
Exploits1References4
Nuclei
Nuclei
added 15 hours ago51 views

HotelDruid 2.3.0 - Cross-Site Scripting

HotelDruid 2.3.0 contains a cross-site scripting vulnerability affecting nsextt, cambia1, mesefine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizzatabelle.php. id: CVE-2019-8937 info: name: HotelDruid 2.3.0 - Cross-Site Scripting author: LogicalHunte...

6.1CVSS5.7AI score0.1068EPSS
Exploits5References5
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.2 views

CVE-2023-43375

Hoteldruid v3.0.5 was discovered to contain multiple SQL injection vulnerabilities at /hoteldruid/clienti.php via the annonascita, annoscaddoc, giornonascita, giornoscaddoc, linguacli, mesenascita, and mesescaddoc parameters...

9.8CVSS8.5AI score0.00607EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.9 views

CVE-2023-43371

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php...

9.8CVSS8.2AI score0.0091EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.12 views

CVE-2023-43376

A cross-site scripting XSS vulnerability in /hoteldruid/clienti.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the nometipotariffa1 parameter...

5.4CVSS5.7AI score0.00423EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:43 a.m.9 views

CVE-2022-26564

HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting XSS vulnerability via the prezzoperiodo4 parameter in creaprezzi.php...

6.1CVSS5.7AI score0.02759EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/12 1:6 a.m.7 views

CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

6.1CVSS6.2AI score0.00234EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/12/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-55816

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file. CVE-2025-55816 Note that Nessus relies on the presence of t...

6.1CVSS5.4AI score0.00234EPSS
Exploits1References3
NVD
NVD
added 2025/12/11 9:15 p.m.6 views

CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

6.1CVSS0.00234EPSS
Exploits1References2
OSV
OSV
added 2025/12/11 9:15 p.m.4 views

DEBIAN-CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

6.1CVSS5.1AI score0.00234EPSS
Exploits1References1
OSV
OSV
added 2025/12/11 9:15 p.m.8 views

CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

6.1CVSS5.8AI score0.00234EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.6 views

Hoteldruid 安全漏洞

Hoteldruid is a free and open source hotel management program from Hoteldruid. A security vulnerability exists in Hoteldruid 3.0.7 and earlier versions, which stems from the /modificaapp.php file being vulnerable to cross-site scripting attacks...

6.1CVSS5.8AI score0.00234EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/11 12:0 a.m.2 views

CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

5.8AI score0.00234EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.25 views

CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

0.00234EPSS
Exploits1References2
EUVD
EUVD
added 2025/12/11 12:0 a.m.5 views

EUVD-2025-202878

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

5.7AI score0.00234EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2025/12/11 12:0 a.m.7 views

CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

6.1CVSS5.1AI score0.00234EPSS
Exploits1
CVE
CVE
added 2025/12/11 12:0 a.m.23 views

CVE-2025-55816

CVE-2025-55816 affects HotelDruid, specifically v3.0.7 and earlier. The vulnerability is a Cross Site Scripting (XSS) flaw in the /modifica_app.php (also cited as /modifica app.php in some docs) file. Root cause details are not fully enumerated across the provided documents, but multiple sources ...

6.1CVSS5.8AI score0.00234EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder