Hoteldruid v3.0.5 - SQL Injection

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the nutenteagg parameter at /hoteldruid/interconnessioni.php. id: CVE-2023-43373 info: name: Hoteldruid v3.0.5 - SQL Injection author: ritikchaddha severity: critical description: | Hoteldruid v3.0.5 was discovered to...

Hotel Druid 3.0.2 - Cross-Site Scripting

Hotel Druid 3.0.2 contains a cross-site scripting vulnerability in multiple pages which allows for arbitrary execution of JavaScript commands. id: CVE-2021-37833 info: name: Hotel Druid 3.0.2 - Cross-Site Scripting author: pikpikcu,s4e-io severity: medium description: Hotel Druid 3.0.2 contains a...

Hoteldruid 3.0.5 - Cross-Site Scripting

A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data. id: CVE-2023-34537 info: name: Hoteldruid 3.0.5 - Cross-Site Scripting author: Harsh severity: medium...

Hoteldruid v3.0.5 - SQL Injection

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the idutentelog parameter at /hoteldruid/personalizza.php. id: CVE-2023-43374 info: name: Hoteldruid v3.0.5 - SQL Injection author: ritikchaddha severity: critical description: | Hoteldruid v3.0.5 was discovered to...

HotelDruid 2.3.0 - Cross-Site Scripting

HotelDruid 2.3.0 contains a cross-site scripting vulnerability affecting nsextt, cambia1, mesefine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizzatabelle.php. id: CVE-2019-8937 info: name: HotelDruid 2.3.0 - Cross-Site Scripting author: LogicalHunte...

CVE-2023-43375

Hoteldruid v3.0.5 was discovered to contain multiple SQL injection vulnerabilities at /hoteldruid/clienti.php via the annonascita, annoscaddoc, giornonascita, giornoscaddoc, linguacli, mesenascita, and mesescaddoc parameters...

CVE-2023-43371

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php...

CVE-2023-43376

A cross-site scripting XSS vulnerability in /hoteldruid/clienti.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the nometipotariffa1 parameter...

CVE-2022-26564

HotelDruid Hotel Management Software v3.0.3 contains a cross-site scripting XSS vulnerability via the prezzoperiodo4 parameter in creaprezzi.php...

CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

Linux Distros Unpatched Vulnerability : CVE-2025-55816

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file. CVE-2025-55816 Note that Nessus relies on the presence of t...

CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

DEBIAN-CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

Hoteldruid 安全漏洞

Hoteldruid is a free and open source hotel management program from Hoteldruid. A security vulnerability exists in Hoteldruid 3.0.7 and earlier versions, which stems from the /modificaapp.php file being vulnerable to cross-site scripting attacks...

CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

CVE-2025-55816

CVE-2025-55816 affects HotelDruid, specifically v3.0.7 and earlier. The vulnerability is a Cross Site Scripting (XSS) flaw in the /modifica_app.php (also cited as /modifica app.php in some docs) file. Root cause details are not fully enumerated across the provided documents, but multiple sources ...

PT-2025-50724

Name of the Vulnerable Software and Affected Versions HotelDruid versions prior to 3.0.8 Description HotelDruid versions 3.0.7 and earlier are susceptible to Cross Site Scripting XSS. The issue is located in the /modifica app.php file. The vulnerability allows for the injection of malicious scrip...

EUVD-2025-202878

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...

CVE-2025-55816

HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting XSS in the /modificaapp.php file...