Critical severity9.8NVD Advisory· Published Dec 20, 2018· Updated Jun 17, 2026
CVE-2018-1000871
CVE-2018-1000871
Description
HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL Injection vulnerability in "id_utente_mod" parameter in gestione_utenti.php file that can result in An attacker can dump all the database records of backend webserver. This attack appear to be exploitable via the attack can be done by anyone via specially crafted sql query passed to the "id_utente_mod=1" parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=2.3.0
Patches
Vulnerability mechanics
References
1- www.exploit-db.com/exploits/45976nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.