Debian Bug report logs -
#1052572
hoteldruid: CVE-2023-43371 CVE-2023-43373 CVE-2023-43374 CVE-2023-43375 CVE-2023-43376 CVE-2023-43377
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, Marco Maria Francesco De Santis <marco@digitaldruid.net>:
Bug#1052572; Package hoteldruid.
(Sun, 24 Sep 2023 21:39:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Markus Koschany <apo@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Marco Maria Francesco De Santis <marco@digitaldruid.net>.
(Sun, 24 Sep 2023 21:39:03 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: hoteldruid
X-Debbugs-CC: team@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for hoteldruid.
CVE-2023-43371[0]:
| Hoteldruid v3.0.5 was discovered to contain a SQL injection
| vulnerability via the numcaselle parameter at
| /hoteldruid/creaprezzi.php.
CVE-2023-43373[1]:
| Hoteldruid v3.0.5 was discovered to contain a SQL injection
| vulnerability via the n_utente_agg parameter at
| /hoteldruid/interconnessioni.php.
CVE-2023-43374[2]:
| Hoteldruid v3.0.5 was discovered to contain a SQL injection
| vulnerability via the id_utente_log parameter at
| /hoteldruid/personalizza.php.
CVE-2023-43375[3]:
| Hoteldruid v3.0.5 was discovered to contain multiple SQL injection
| vulnerabilities at /hoteldruid/clienti.php via the annonascita,
| annoscaddoc, giornonascita, giornoscaddoc, lingua_cli, mesenascita,
| and mesescaddoc parameters.
CVE-2023-43376[4]:
| A cross-site scripting (XSS) vulnerability in
| /hoteldruid/clienti.php of Hoteldruid v3.0.5 allows attackers to
| execute arbitrary web scripts or HTML via a crafted payload injected
| into the nometipotariffa1 parameter.
CVE-2023-43377[5]:
| A cross-site scripting (XSS) vulnerability in
| /hoteldruid/visualizza_contratto.php of Hoteldruid v3.0.5 allows
| attackers to execute arbitrary web scripts or HTML via a crafted
| payload injected into the destinatario_email1 parameter.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-43371
https://www.cve.org/CVERecord?id=CVE-2023-43371
[1] https://security-tracker.debian.org/tracker/CVE-2023-43373
https://www.cve.org/CVERecord?id=CVE-2023-43373
[2] https://security-tracker.debian.org/tracker/CVE-2023-43374
https://www.cve.org/CVERecord?id=CVE-2023-43374
[3] https://security-tracker.debian.org/tracker/CVE-2023-43375
https://www.cve.org/CVERecord?id=CVE-2023-43375
[4] https://security-tracker.debian.org/tracker/CVE-2023-43376
https://www.cve.org/CVERecord?id=CVE-2023-43376
[5] https://security-tracker.debian.org/tracker/CVE-2023-43377
https://www.cve.org/CVERecord?id=CVE-2023-43377
Please adjust the affected versions in the BTS as needed.
Regards,
Markus
[signature.asc (application/pgp-signature, inline)]
Added tag(s) upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Mon, 25 Sep 2023 04:27:02 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Mon Sep 25 17:53:57 2023;
Machine Name:
bembo
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon