CVE-2023-43373 Scanner
CVE-2023-43373 scanner - SQL Injection vulnerability in Hoteldruid
Short Info
Level: Critical
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 4 weeks
Scan only one: Domain, IPv4
Toolbox: -
Hoteldruid is web-based software used in the hotel and accommodation industry for managing bookings and customer interactions. It is developed by Digitaldruid and is widely used by hotel managers and property administrators to streamline operational tasks. The platform integrates booking, invoicing, and room management into a single system. Because it is web-accessible, it is exposed to attack if not properly secured. Hoteldruid version 3.0.5 has been found to contain SQL injection vulnerabilities that could compromise user data.
The SQL Injection vulnerability in Hoteldruid version 3.0.5 allows attackers to send specially crafted queries via the "n_utente_agg" parameter. This can lead to arbitrary SQL query execution on the affected system. The flaw exists in the "interconnessioni.php" endpoint and can give unauthorized access to sensitive database information. Exploiting this vulnerability can compromise the entire database.
The vulnerability resides in the “n_utente_agg” parameter found in Hoteldruid’s interconnection page (/hoteldruid/interconnessioni.php). Attackers can manipulate this parameter to inject malicious SQL queries. By leveraging sleep-based SQL injection, attackers can verify the presence of this vulnerability through query execution timing differences. The endpoint does not properly sanitize input, allowing unauthenticated users to interact with the database and extract sensitive data. This lack of input validation leads to a critical risk of database manipulation and potential data exposure.
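A defender can look for the same signal in web server logs. The following is an added example, not code from Hoteldruid or from the scanner: it flags requests to interconnessioni.php whose n_utente_agg value is not a plain integer or contains an SQL time-delay function, and marks slow responses. The log format, the 4-second threshold, the sample lines and the assumption that legitimate values are small integers are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

ENDPOINT = "/interconnessioni.php"   # path named in the text above
PARAM = "n_utente_agg"               # parameter named in the text above
# SQL time-delay primitives of common database engines
DELAY_RE = re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(|\bwaitfor\s+delay\b", re.I)
NUMERIC_RE = re.compile(r"\d{1,10}")  # assumption: legitimate values are small integers
# Constructed format: combined-style access log with request time (seconds) appended
LOG_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) [^"]*" \d{3} \S+ (?P<rt>\d+(?:\.\d+)?)\s*$')

def fully_decode(value, rounds=3):  # undo repeated URL-encoding (bounded)
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(target, body=""):  # None, 'ok', 'non-numeric' or 'delay-function'
    parts = urlsplit(target)
    if not parts.path.lower().endswith(ENDPOINT):
        return None
    # Check the query string and, when it was captured, a form-encoded body
    raw = parse_qs(parts.query + "&" + body, keep_blank_values=True).get(PARAM)
    if not raw:
        return None
    values = [fully_decode(v) for v in raw]
    if any(DELAY_RE.search(v) for v in values):
        return "delay-function"
    if any(not NUMERIC_RE.fullmatch(v) for v in values):
        return "non-numeric"
    return "ok"

def scan(lines, slow_seconds=4.0):  # -> [(line_no, verdict, response_was_slow)]
    findings = []
    for no, line in enumerate(lines, 1):
        m = LOG_RE.search(line)
        verdict = classify(m["target"]) if m else None
        if verdict in ("non-numeric", "delay-function"):
            findings.append((no, verdict, float(m["rt"]) >= slow_seconds))
    return findings

SAMPLE_LOG = [  # constructed sample lines, not real traffic
    '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /hoteldruid/interconnessioni.php?n_utente_agg=2 HTTP/1.1" 200 5120 0.041',
    '198.51.100.9 - - [10/Oct/2023:13:56:01 +0000] "GET /hoteldruid/interconnessioni.php?n_utente_agg=1%2BSLEEP%286%29 HTTP/1.1" 200 5120 6.052',
    '198.51.100.9 - - [10/Oct/2023:13:56:09 +0000] "GET /hoteldruid/interconnessioni.php?n_utente_agg=1%2527 HTTP/1.1" 200 5120 0.050',
    '203.0.113.7 - - [10/Oct/2023:13:57:12 +0000] "GET /index.html HTTP/1.1" 200 312 0.002',
]
```

If the parameter is sent in a POST body, standard access logs will not record it; pass the captured body to classify() from a WAF or reverse-proxy log instead.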
Exploiting this vulnerability could result in an attacker gaining unauthorized access to the Hoteldruid database. They can execute arbitrary SQL queries to read, modify, or delete sensitive information stored within the system. This could lead to severe consequences such as data theft, account takeover, or complete database compromise. The attacker may also escalate privileges and gain full control over the system.
By using the S4E platform, you can automate the detection of critical vulnerabilities like SQL Injection in your digital assets. Our platform continuously monitors and tests your applications, offering real-time notifications about security issues that could impact your business. With detailed reporting and easy-to-follow remediation steps, you can ensure that your systems remain secure. Becoming a member allows you to take full advantage of these features and safeguard your organization against cyber threats.