Hoteldruid 漏洞列表
共找到 14 个与 Hoteldruid 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2019-8937: HotelDruid 2.3.0 - Cross-Site Scripting POC
HotelDruid 2.3.0 contains a cross-site scripting vulnerability affecting nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php. -
CVE-2022-26564: HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting POC
HotelDruid Hotel Management Software 3.0.3 contains a cross-site scripting vulnerability via the prezzoperiodo4 parameter in creaprezzi.php. -
CVE-2023-34537: Hoteldruid 3.0.5 - Cross-Site Scripting POC
A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data. -
CVE-2023-43373: Hoteldruid v3.0.5 - SQL Injection POC
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the n_utente_agg parameter at /hoteldruid/interconnessioni.php. -
CVE-2023-43374: Hoteldruid v3.0.5 - SQL Injection POC
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the id_utente_log parameter at /hoteldruid/personalizza.php. -
CVE-2019-8937: HotelDruid 2.3.0 - Cross-Site Scripting POC
HotelDruid 2.3.0 contains a cross-site scripting vulnerability affecting nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php. -
CVE-2022-26564: HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting POC
HotelDruid Hotel Management Software 3.0.3 contains a cross-site scripting vulnerability via the prezzoperiodo4 parameter in creaprezzi.php. -
CVE-2023-34537: Hoteldruid 3.0.5 - Cross-Site Scripting POC
A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data. -
CVE-2023-43373: Hoteldruid v3.0.5 - SQL Injection POC
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the n_utente_agg parameter at /hoteldruid/interconnessioni.php. -
CVE-2023-43374: Hoteldruid v3.0.5 - SQL Injection POC
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the id_utente_log parameter at /hoteldruid/personalizza.php. -
unauth-hoteldruid-panel: Hoteldruid Management Panel Access POC
A vulnerability in Hoteldruid Panel allows remote unauthenticated users access to the management portal without authentication. -
HotelDruid CVE-2022-22909 远程代码执行漏洞 无POC
HotelDruid 存在远程代码执行漏洞,此漏洞是缺乏校验导致的。 -
HotelDruid Hotel Management Software 3.0.3反射型XSS漏洞(CVE-2022-22242) 无POC
HotelDruid Hotel Management Software 存在过滤不完全的情况,造成存在反射型XSS漏洞 -
HotelDruid mostra_sorgente.php-文件读取漏洞 无POC
【漏洞对象】Hoteldruid 【漏洞描述】Hoteldruid是由DigitalDruid.Net开发的酒店管理(物业管理软件)系统。由于其网络界面的极大灵活性,它可以满足各种需求,从住宿加早餐或公寓很少的度假屋到拥有数百间客房的酒店。其mostra_sorgente.php页面泄露了网站根目录下的所有文件。