Filtered by vendor Digitaldruid
Subscriptions
Total
24 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-22909 | 1 Digitaldruid | 1 Hoteldruid | 2024-08-03 | 8.8 High |
HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room module. | ||||
CVE-2023-34537 | 1 Digitaldruid | 1 Hoteldruid | 2024-08-02 | 5.4 Medium |
A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data. | ||||
CVE-2023-33817 | 1 Digitaldruid | 1 Hoteldruid | 2024-08-02 | 8.8 High |
hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability. | ||||
CVE-2023-29839 | 1 Digitaldruid | 1 Hotel Druid | 2024-08-02 | 5.4 Medium |
A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function. |