CVE-2019-9086

HotelDruid before v2.3.1 has SQL Injection via the /visualizzatabelle.php anno parameter...

Sql injection

HotelDruid before v2.3.1 has SQL Injection via the /visualizzatabelle.php anno parameter...

CVE-2019-9086

HotelDruid before v2.3.1 has SQL Injection via the /visualizzatabelle.php anno parameter...

CVE-2019-8937

HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mesefine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizzatabelle.php...

CVE-2019-8937

HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mesefine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizzatabelle.php...

CVE-2019-8937

HotelDruid 2.3.0 is affected by a Cross-Site Scripting vulnerability (CVE-2019-8937) affecting parameters nsextt, cambia1, mese_fine, origine, and anno in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php. The root cause is improper input handling allowing injected script...

Sql injection

SQL injection vulnerability in visualizzatabelle.php in php-residence 0.7.2 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cognomecerca parameter. NOTE: some of these details are obtained from third party information...

CVE-2008-0353

CVE-2008-0353 affects php-residence versions 0.7.2 and 1.0, where visualizza_tabelle.php is vulnerable to SQL injection via the cognome_cerca parameter. The documented impact is that remote attackers can execute arbitrary SQL commands. The connected documents confirm the same description and do n...