12 matches found
CVE-2023-43376
A cross-site scripting XSS vulnerability in /hoteldruid/clienti.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the nometipotariffa1 parameter...
EUVD-2019-18472
Malware in sbrugna...
EUVD-2021-25002
Malware in sbrugna...
EUVD-2025-7682
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-43378
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS vulnerability in Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the...
CVE-2023-47164
Cross-site scripting vulnerability in HOTELDRUID 3.0.5 and earlier allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product...
CVE-2023-34537
A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data...
CVE-2023-33817
hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability...
CVE-2018-1000871
HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL Injection vulnerability in "idutentemod" parameter in gestioneutenti.php file that can result in An attacker can dump all the database records of backend webserver. This attack appear to be exploitable via the attack can be done...
CVE-2023-43374
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the idutentelog parameter at /hoteldruid/personalizza.php...
PT-2023-28811 · Unknown +1 · Hoteldruid +1
Name of the Vulnerable Software and Affected Versions: Hoteldruid version 3.0.5 Description: A SQL injection vulnerability was discovered in Hoteldruid via the id utente log parameter at the "/hoteldruid/personalizza.php" API endpoint. This issue allows for potential SQL injection attacks...
CVE-2023-33817
hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability...