CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

RedhatCVE•added 2026/01/09 12:40 p.m.•5 views

CVE-2023-43371

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php...

9.8CVSS8.2AI score0.00296EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:43 a.m.•4 views

CVE-2022-26564

HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting XSS vulnerability via the prezzoperiodo4 parameter in creaprezzi.php...

6.1CVSS5.7AI score0.00547EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-31120

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00547EPSS

Exploits1References2

Veracode•added 2023/11/27 11:42 p.m.•17 views

SQL Injection

hoteldruid is vulnerable to SQL injection. The vulnerability is due to there is no sanitization of user inputs in various parameters of the creaprezzi.php page in HotelDruid. This allows an attacker to inject malicious SQL commands, and potentially leads to unauthorized data access...

8.8CVSS7.6AI score0.12103EPSS

Exploits2References2Affected Software1

ATTACKERKB•added 2023/09/20 7:15 p.m.•2 views

CVE-2023-43371

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php...

9.8CVSS5.9AI score0.00296EPSS

Exploits1References2

OSV•added 2023/09/20 7:15 p.m.•1 views

DEBIAN-CVE-2023-43371

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php...

9.8CVSS8.8AI score0.00296EPSS

Exploits1References1

Prion•added 2023/09/20 7:15 p.m.•12 views

Sql injection

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php...

7.5CVSS9.8AI score0.00296EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/09/20 12:0 a.m.•14 views

CVE-2023-43371

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php...

10AI score0.00296EPSS

Exploits1References1

Vulnrichment•added 2023/09/20 12:0 a.m.•11 views

CVE-2023-43371

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php...

8.2AI score0.00296EPSS

Exploits1References1

Debian CVE•added 2023/09/20 12:0 a.m.•18 views

CVE-2023-43371

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php...

9.8CVSS9.8AI score0.00296EPSS

Exploits1

Veracode•added 2022/04/27 12:29 p.m.•16 views

Cross-site Scripting (XSS)

hoteldruid is vulnerable to cross site scripting. The vulnerability exists due to a lack of sanitization allowing an attacker to inject maliciously crafted script via the prezzoperiodo4 parameter in creaprezzi.php...

6.1CVSS2.4AI score0.00547EPSS

Exploits1References3Affected Software1

ATTACKERKB•added 2022/04/26 11:15 p.m.•1 views

CVE-2022-26564

HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting XSS vulnerability via the prezzoperiodo4 parameter in creaprezzi.php...

6.1CVSS5.8AI score0.00547EPSS

Exploits1References4

NVD•added 2022/04/26 11:15 p.m.•12 views

CVE-2022-26564

HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting XSS vulnerability via the prezzoperiodo4 parameter in creaprezzi.php...

6.1CVSS0.00547EPSS

Exploits1References2

Prion•added 2022/04/26 11:15 p.m.•10 views

Cross site scripting

HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting XSS vulnerability via the prezzoperiodo4 parameter in creaprezzi.php...

4.3CVSS5.9AI score0.00547EPSS

Exploits1References2Affected Software1

UbuntuCve•added 2022/04/26 11:15 p.m.•23 views

CVE-2022-26564

HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting XSS vulnerability via the prezzoperiodo4 parameter in creaprezzi.php...

6.1CVSS6.3AI score0.00547EPSS

Exploits1References3

CVE•added 2022/04/26 10:30 p.m.•94 views

CVE-2022-26564

CVE-2022-26564 affects HotelDruid Hotel Management Software v3.0.3 with a cross-site scripting (XSS) vulnerability via the prezzoperiodo4 parameter in creaprezzi.php. The issue is triggered through user-controlled input and could allow malicious scripts to execute in a victim’s browser, potential...

6.1CVSS5.9AI score0.00547EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/04/26 10:30 p.m.•19 views

CVE-2022-26564

HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting XSS vulnerability via the prezzoperiodo4 parameter in creaprezzi.php...

6.2AI score0.00547EPSS

Exploits1References2

UbuntuCve•added 2019/05/17 3:29 p.m.•16 views

CVE-2019-8937

HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mesefine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizzatabelle.php...

6.1CVSS6.3AI score0.43768EPSS

Exploits5References4

NVD•added 2019/05/17 3:29 p.m.•13 views

CVE-2019-8937

HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mesefine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizzatabelle.php...

6.1CVSS6AI score0.43768EPSS

Exploits5References3

CVE•added 2019/05/17 2:55 p.m.•87 views

CVE-2019-8937

HotelDruid 2.3.0 is affected by a Cross-Site Scripting vulnerability (CVE-2019-8937) affecting parameters nsextt, cambia1, mese_fine, origine, and anno in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php. The root cause is improper input handling allowing injected script...

6.1CVSS5.8AI score0.43768EPSS

Exploits5References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by