No analysis available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2025-18763 | In HotelDruid 3.0.7, an unauthenticated attacker can exploit verbose SQL error messages on creadb.php before the 'create database' button is pressed. By sending malformed POST requests to this endpoint, the attacker may obtain the administrator username, password hash, and salt. In some cases, the attack results in a Denial of Service (DoS), preventing the administrator from logging in even with the correct credentials. |
Thu, 09 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In HotelDruid 3.0.7, an unauthenticated attacker can exploit verbose SQL error messages on creadb.php before the 'create database' button is pressed. By sending malformed POST requests to this endpoint, the attacker may obtain the administrator username, password hash, and salt. In some cases, the attack results in a Denial of Service (DoS), preventing the administrator from logging in even with the correct credentials. | In HotelDruid 3.0.0 and 3.0.7, the unauthenticated database-setup endpoint creadb.php can be reached before setup is completed and performs database creation without locking. By sending many concurrent requests, an attacker can trigger a race condition during which verbose SQL error messages disclose the administrator username, password hash, and salt. The same race leaves the setup partially initialized, so the administrator can no longer log in with the credentials set during installation, resulting in a denial of service that requires reinstallation to recover. Remote exploitation additionally requires the installation to allow non-localhost access. The vulnerability was fixed in version 3.0.8. |
Wed, 16 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Thu, 26 Jun 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Digitaldruid
Digitaldruid hoteldruid |
|
| CPEs | cpe:2.3:a:digitaldruid:hoteldruid:3.0.0:*:*:*:*:*:*:* cpe:2.3:a:digitaldruid:hoteldruid:3.0.7:*:*:*:*:*:*:* |
|
| Vendors & Products |
Digitaldruid
Digitaldruid hoteldruid |
Tue, 24 Jun 2025 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-209 CWE-400 |
|
| Metrics |
cvssV3_1
|
Fri, 20 Jun 2025 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | In HotelDruid 3.0.7, an unauthenticated attacker can exploit verbose SQL error messages on creadb.php before the 'create database' button is pressed. By sending malformed POST requests to this endpoint, the attacker may obtain the administrator username, password hash, and salt. In some cases, the attack results in a Denial of Service (DoS), preventing the administrator from logging in even with the correct credentials. | |
| References |
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-09T13:55:44.468Z
Reserved: 2025-04-22T00:00:00.000Z
Link: CVE-2025-44203
Updated: 2025-06-24T13:49:12.248Z
Status : Analyzed
Published: 2025-06-20T16:15:28.700
Modified: 2026-06-17T09:25:03.700
Link: CVE-2025-44203
No data.
OpenCVE Enrichment
Updated: 2025-06-23T08:20:14Z
EUVD