HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php numtariffa1 parameter.
Source: NIST
CVE-2019-9087
Security in mind
HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php numtariffa1 parameter.
Source: NIST
CVE-2019-9087