Vulnerabilities > Digitaldruid > Hoteldruid > 3.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-10 | CVE-2023-47164 | Cross-site Scripting vulnerability in Digitaldruid Hoteldruid Cross-site scripting vulnerability in HOTELDRUID 3.0.5 and earlier allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product. | 6.1 |
2021-08-26 | CVE-2021-38559 | Cross-site Scripting vulnerability in Digitaldruid Hoteldruid 3.0.2 DigitalDruid HotelDruid 3.0.2 has an XSS vulnerability in prenota.php affecting the fineperiodo1 parameter. | 4.3 |
2021-08-03 | CVE-2021-37832 | SQL Injection vulnerability in Digitaldruid Hoteldruid 3.0.2 A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. | 7.5 |
2021-08-03 | CVE-2021-37833 | Cross-site Scripting vulnerability in Digitaldruid Hoteldruid 3.0.2 A reflected cross-site scripting (XSS) vulnerability exists in multiple pages in version 3.0.2 of the Hotel Druid application that allows for arbitrary execution of JavaScript commands. | 4.3 |