漏洞描述
【漏洞对象】Hoteldruid 【漏洞描述】Hoteldruid是由DigitalDruid.Net开发的酒店管理(物业管理软件)系统。由于其网络界面的极大灵活性,它可以满足各种需求,从住宿加早餐或公寓很少的度假屋到拥有数百间客房的酒店。其mostra_sorgente.php页面泄露了网站根目录下的所有文件。
HotelDruid mostra_sorgente.php-文件读取漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2019-8937: HotelDruid 2.3.0 - Cross-Site Scripting
- POC CVE-2022-26564: HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting
- POC CVE-2023-34537: Hoteldruid 3.0.5 - Cross-Site Scripting
- POC CVE-2023-43373: Hoteldruid v3.0.5 - SQL Injection
- POC CVE-2023-43374: Hoteldruid v3.0.5 - SQL Injection
- POC unauth-hoteldruid-panel: Hoteldruid Management Panel Access
- HotelDruid CVE-2022-22909 远程代码执行漏洞
- HotelDruid Hotel Management Software 3.0.3反射型XSS漏洞(CVE-2022-22242)