.. / CVE-2023-43374

Exploit for Hoteldruid v3.0.5 - SQL Injection (CVE-2023-43374)

Description:

Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the id_utente_log parameter at /hoteldruid/personalizza.php.

Nuclei Template

View the template here CVE-2023-43374.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-43374.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-43374
https://flashy-lemonade-192.notion.site/SQL-injection-in-hoteldruid-version-3-0-5-via-id_utente_log-parameter-8b89f014004947e7bd2ecdacf1610cf9