Information on source package hoteldruid

Available versions

ReleaseVersion
buster2.3.2-1
bullseye3.0.1-1
bookworm3.0.4-1
trixie3.0.6-1
sid3.0.6-1

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2023-47164vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedCross-site scripting vulnerability in HOTELDRUID 3.0.5 and earlier all ...
CVE-2023-43377vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedA cross-site scripting (XSS) vulnerability in /hoteldruid/visualizza_c ...
CVE-2023-43376vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedA cross-site scripting (XSS) vulnerability in /hoteldruid/clienti.php ...
CVE-2023-43375vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedHoteldruid v3.0.5 was discovered to contain multiple SQL injection vul ...
CVE-2023-43374vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedHoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ...
CVE-2023-43373vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedHoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ...
CVE-2023-43371vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedHoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ...
CVE-2023-34854vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedAuthenticated remote code execution via backup/restore in HotelDruid
CVE-2023-34537vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedA Reflected XSS was discovered in HotelDruid version 3.0.5, an attacke ...
CVE-2023-33817vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedhoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ...
CVE-2023-29839vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedA Stored Cross Site Scripting (XSS) vulnerability exists in multiple p ...
CVE-2022-45592vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixed(1) Server Side Request Forgery (SSRF), (2) persistant Cross site scripting (XSS), and (3) File upload vulnerability.
CVE-2022-26564vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedHotelDruid Hotel Management Software v3.0.3 contains a cross-site scri ...
CVE-2022-22909vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedHotelDruid v3.0.3 was discovered to contain a remote code execution (R ...
CVE-2021-42949vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe component controlla_login function in HotelDruid Hotel Management ...
CVE-2021-42948vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedHotelDruid Hotel Management Software v3.0.3 and below was discovered t ...
CVE-2021-38559vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedDigitalDruid HotelDruid 3.0.2 has an XSS vulnerability in prenota.php ...
CVE-2021-37833vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA reflected cross-site scripting (XSS) vulnerability exists in multipl ...
CVE-2021-37832vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA SQL injection vulnerability exists in version 3.0.2 of Hotel Druid w ...

Resolved issues

BugDescription
CVE-2019-9087HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php nu ...
CVE-2019-9086HotelDruid before v2.3.1 has SQL Injection via the /visualizza_tabelle ...
CVE-2019-9085Hoteldruid before v2.3.1 allows remote authenticated users to cause a ...
CVE-2019-9084In Hoteldruid before 2.3.1, a division by zero was discovered in $num_ ...
CVE-2019-8937HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, ori ...
CVE-2018-1000871HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL I ...
Search for package or bug name: Reporting problems