Medium severity6.5NVD Advisory· Published Jun 24, 2019· Updated Jun 17, 2026
CVE-2019-9085
CVE-2019-9085
Description
Hoteldruid before v2.3.1 allows remote authenticated users to cause a denial of service (invoice-creation outage) via the n_file parameter to visualizza_contratto.php with invalid arguments (any non-numeric value), as demonstrated by the anno=2019&id_transazione=1&numero_contratto=1&n_file=a query string to visualizza_contratto.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Hoteldruid/Hoteldruiddescription
- Range: <2.3.1
Patches
Vulnerability mechanics
References
2- metamorfosec.com/Files/Advisories/METS-2019-006-An_Invalid_Arguments_in_Hoteldruid_before_v2.3.1.txtnvdExploitThird Party Advisory
- www.hoteldruid.com/en/download.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.