CVE-2019-9086 HotelDruid before v2.3.1 has SQL Injection via the /visualizza_tabelle.php anno parameter. Source: NIST CVE-2019-9086 June 7, 2019 by admin Uncategorized