| Release | Version |
|---|---|
| buster | 2.3.2-1 |
| bullseye | 3.0.1-1 |
| bookworm | 3.0.4-1 |
| sid | 3.0.4-1 |
| Bug | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|
| CVE-2022-26564 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | HotelDruid Hotel Management Software v3.0.3 contains a cross-site scri ... |
| CVE-2022-22909 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | HotelDruid v3.0.3 was discovered to contain a remote code execution (R ... |
| CVE-2021-42949 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | The component controlla_login function in HotelDruid Hotel Management ... |
| CVE-2021-42948 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | HotelDruid Hotel Management Software v3.0.3 and below was discovered t ... |
| CVE-2021-38559 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | DigitalDruid HotelDruid 3.0.2 has an XSS vulnerability in prenota.php ... |
| CVE-2021-37833 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | A reflected cross-site scripting (XSS) vulnerability exists in multipl ... |
| CVE-2021-37832 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid w ... |
| Bug | Description |
|---|---|
| CVE-2019-9087 | HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php nu ... |
| CVE-2019-9086 | HotelDruid before v2.3.1 has SQL Injection via the /visualizza_tabelle ... |
| CVE-2019-9085 | Hoteldruid before v2.3.1 allows remote authenticated users to cause a ... |
| CVE-2019-9084 | In Hoteldruid before 2.3.1, a division by zero was discovered in $num_ ... |
| CVE-2019-8937 | HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, ori ... |
| CVE-2018-1000871 | HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL I ... |