Information on source package hoteldruid

Available versions

ReleaseVersion
bullseye3.0.1-1
bookworm3.0.4-1
sid3.0.6-1

Open issues

BugbullseyebookwormsidDescription
CVE-2025-25749vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerableAn issue in HotelDruid version 3.0.7 and earlier allows users to set w ...
CVE-2025-25748vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerableA CSRF vulnerability in the gestione_utenti.php endpoint of HotelDruid ...
CVE-2025-25747vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerableCross Site Scripting vulnerability in DigitalDruid HotelDruid v.3.0.7 ...
CVE-2023-47164vulnerable (no DSA)vulnerable (no DSA)fixedCross-site scripting vulnerability in HOTELDRUID 3.0.5 and earlier all ...
CVE-2023-43378undeterminedundeterminedundeterminedA cross-site scripting (XSS) vulnerability in Hoteldruid v3.0.5 allows ...
CVE-2023-43377vulnerable (no DSA)vulnerable (no DSA)fixedA cross-site scripting (XSS) vulnerability in /hoteldruid/visualizza_c ...
CVE-2023-43376vulnerable (no DSA)vulnerable (no DSA)fixedA cross-site scripting (XSS) vulnerability in /hoteldruid/clienti.php ...
CVE-2023-43375vulnerable (no DSA)vulnerable (no DSA)fixedHoteldruid v3.0.5 was discovered to contain multiple SQL injection vul ...
CVE-2023-43374vulnerable (no DSA)vulnerable (no DSA)fixedHoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ...
CVE-2023-43373vulnerable (no DSA)vulnerable (no DSA)fixedHoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ...
CVE-2023-43371vulnerable (no DSA)vulnerable (no DSA)fixedHoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ...
CVE-2023-34854vulnerable (no DSA)vulnerable (no DSA)fixedAuthenticated remote code execution via backup/restore in HotelDruid
CVE-2023-34537vulnerable (no DSA)vulnerable (no DSA)fixedA Reflected XSS was discovered in HotelDruid version 3.0.5, an attacke ...
CVE-2023-33817vulnerable (no DSA)vulnerable (no DSA)fixedhoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ...
CVE-2023-29839vulnerable (no DSA)vulnerable (no DSA)fixedA Stored Cross Site Scripting (XSS) vulnerability exists in multiple p ...
CVE-2022-45592vulnerable (no DSA)vulnerable (no DSA)fixed(1) Server Side Request Forgery (SSRF), (2) persistant Cross site scripting (XSS), and (3) File upload vulnerability.
CVE-2022-26564vulnerable (no DSA)fixedfixedHotelDruid Hotel Management Software v3.0.3 contains a cross-site scri ...
CVE-2022-22909vulnerable (no DSA)fixedfixedHotelDruid v3.0.3 was discovered to contain a remote code execution (R ...
CVE-2021-42949vulnerable (no DSA)fixedfixedThe component controlla_login function in HotelDruid Hotel Management ...
CVE-2021-42948vulnerable (no DSA)fixedfixedHotelDruid Hotel Management Software v3.0.3 and below was discovered t ...
CVE-2021-38559vulnerable (no DSA)fixedfixedDigitalDruid HotelDruid 3.0.2 has an XSS vulnerability in prenota.php ...
CVE-2021-37833vulnerable (no DSA)fixedfixedA reflected cross-site scripting (XSS) vulnerability exists in multipl ...
CVE-2021-37832vulnerable (no DSA)fixedfixedA SQL injection vulnerability exists in version 3.0.2 of Hotel Druid w ...

Open unimportant issues

BugbullseyebookwormsidDescription
CVE-2024-23091vulnerablevulnerablevulnerableWeak password hashing using MD5 in funzioni.php in HotelDruid before 1 ...

Resolved issues

BugDescription
CVE-2019-9087HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php nu ...
CVE-2019-9086HotelDruid before v2.3.1 has SQL Injection via the /visualizza_tabelle ...
CVE-2019-9085Hoteldruid before v2.3.1 allows remote authenticated users to cause a ...
CVE-2019-9084In Hoteldruid before 2.3.1, a division by zero was discovered in $num_ ...
CVE-2019-8937HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, ori ...
CVE-2018-1000871HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL I ...

Search for package or bug name: Reporting problems