4 matches found
SQL injection
HotelDruid before v2.3.1 has SQL Injection via the /tabtariffe.php numtariffa1 parameter...
UBUNTU-CVE-2019-9084
In Hoteldruid before 2.3.1, a division by zero was discovered in $numtabelle in tabtariffe.php aka the numtariffa1 parameter due to the mishandling of non-numeric values, as demonstrated by the /tabtariffe.php?anno=YEAR&numtariffa1=1a URI. It could allow an administrator to conduct remote denial ...
CVE-2019-9087
HotelDruid before v2.3.1 is vulnerable to SQL Injection via the /tab_tariffe.php?numtariffa1 parameter. The root cause is improper input handling in HotelDruid’s web interface, enabling attacker-controlled SQL execution. The CVSS metrics indicate a high/critical impact profile (CVSSv2: base 7.5, ...
CVE-2019-9087
HotelDruid before v2.3.1 has SQL Injection via the /tabtariffe.php numtariffa1 parameter...