4 matches found
Sql injection
Hoteldruid v3.0.5 was discovered to contain multiple SQL injection vulnerabilities at /hoteldruid/clienti.php via the annonascita, annoscaddoc, giornonascita, giornoscaddoc, linguacli, mesenascita, and mesescaddoc parameters...
PT-2023-28812 · Unknown +1 · Hoteldruid +1
Name of the Vulnerable Software and Affected Versions: Hoteldruid version 3.0.5 Description: The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities are located at the /hoteldruid/clienti.php endpoint via the annonascita, annoscaddoc, giornonascita, giornoscaddoc, lingua...
CVE-2023-43375
Hoteldruid v3.0.5 was discovered to contain multiple SQL injection vulnerabilities at /hoteldruid/clienti.php via the annonascita, annoscaddoc, giornonascita, giornoscaddoc, linguacli, mesenascita, and mesescaddoc parameters...
HotelDruid SQL Injection Vulnerability
Hoteldruid is a free and open source hotel management program from Hoteldruid. A security vulnerability exists in HotelDruid version v3.0.5, which stems from a SQL injection vulnerability in several parameters such as annonascita, annoscaddoc and others...