CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-37832

A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. A malicious attacker can issue SQL commands to the SQLite database through the vulnerable idappartamenti parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.131

EPSS Ranking 93.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/dievus/CVE-2021-37832
https://www.hoteldruid.com
https://github.com/dievus/CVE-2021-37832
https://www.hoteldruid.com

Products affected by CVE-2021-37832

Digitaldruid » Hoteldruid » Version: 3.0.2

cpe:2.3:a:digitaldruid:hoteldruid:3.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-37832

Products

Pricing

Contact Us