Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|
CVE-2024-23091 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Weak password hashing using MD5 in funzioni.php in HotelDruid before 1 ... |
CVE-2023-47164 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Cross-site scripting vulnerability in HOTELDRUID 3.0.5 and earlier all ... |
CVE-2023-43377 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | A cross-site scripting (XSS) vulnerability in /hoteldruid/visualizza_c ... |
CVE-2023-43376 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | A cross-site scripting (XSS) vulnerability in /hoteldruid/clienti.php ... |
CVE-2023-43375 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Hoteldruid v3.0.5 was discovered to contain multiple SQL injection vul ... |
CVE-2023-43374 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ... |
CVE-2023-43373 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ... |
CVE-2023-43371 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ... |
CVE-2023-34854 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Authenticated remote code execution via backup/restore in HotelDruid |
CVE-2023-34537 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacke ... |
CVE-2023-33817 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ... |
CVE-2023-29839 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | A Stored Cross Site Scripting (XSS) vulnerability exists in multiple p ... |
CVE-2022-45592 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | (1) Server Side Request Forgery (SSRF), (2) persistant Cross site scripting (XSS), and (3) File upload vulnerability. |
CVE-2022-26564 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | HotelDruid Hotel Management Software v3.0.3 contains a cross-site scri ... |
CVE-2022-22909 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | HotelDruid v3.0.3 was discovered to contain a remote code execution (R ... |
CVE-2021-42949 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | The component controlla_login function in HotelDruid Hotel Management ... |
CVE-2021-42948 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | HotelDruid Hotel Management Software v3.0.3 and below was discovered t ... |
CVE-2021-38559 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | DigitalDruid HotelDruid 3.0.2 has an XSS vulnerability in prenota.php ... |
CVE-2021-37833 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | A reflected cross-site scripting (XSS) vulnerability exists in multipl ... |
CVE-2021-37832 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid w ... |
CVE-2019-9087 | vulnerable (no DSA) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php nu ... |
CVE-2019-9086 | vulnerable (no DSA) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | HotelDruid before v2.3.1 has SQL Injection via the /visualizza_tabelle ... |
CVE-2019-9085 | vulnerable (no DSA) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | Hoteldruid before v2.3.1 allows remote authenticated users to cause a ... |
CVE-2019-9084 | vulnerable (no DSA) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | In Hoteldruid before 2.3.1, a division by zero was discovered in $num_ ... |
CVE-2019-8937 | vulnerable (no DSA) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, ori ... |
CVE-2018-1000871 | vulnerable (no DSA) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL I ... |