A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. A malicious attacker can issue SQL commands to the SQLite database through the vulnerable idappartamenti parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
digitaldruid hoteldruid 3.0.2 |