3 matches found
CVE-2019-9085
Hoteldruid before v2.3.1 allows remote authenticated users to cause a denial of service invoice-creation outage via the nfile parameter to visualizzacontratto.php with invalid arguments any non-numeric value, as demonstrated by the anno=2019transazione=1№contratto=1file=a query string to...
CVE-2019-9085
Hoteldruid before v2.3.1 allows remote authenticated users to cause a denial of service invoice-creation outage via the nfile parameter to visualizzacontratto.php with invalid arguments any non-numeric value, as demonstrated by the anno=2019&idtransazione=1&numerocontratto=1&nfile=a query string ...
CVE-2019-9085
CVE-2019-9085 affects Hoteldruid before v2.3.1. Affected component: the visualizza_contratto.php endpoint, where the n_file parameter accepts non-numeric values. Root cause: invalid arguments lead to a denial of service (invoice-creation outage). Impact as described: remote authenticated users ca...