CVE-2025-44203
Published 2025-06-20
Priority P344 · Severity high · CVSS 3.1 base score 7.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.54% (41.4th percentile)
In HotelDruid 3.0.7, an unauthenticated attacker can exploit verbose SQL error messages on creadb.php before the 'create database' button is pressed. By sending malformed POST requests to this endpoint, the attacker may obtain the administrator username, password hash, and salt. In some cases, the attack results in a Denial of Service (DoS), preventing the administrator from logging in even with the correct credentials.
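The description names a concrete endpoint (creadb.php) and a concrete traffic pattern (repeated malformed POSTs from an unauthenticated client), which is enough to build a log-based triage check even without request details. The following is an added example, not code from the advisory or from the HotelDruid project: a Python script that parses web-server access logs in combined log format and flags clients that POST to creadb.php more than once. The sample log lines are constructed, the `/hoteldruid/` path prefix and the alert threshold are assumptions, and the script only reads logs; it sends nothing to a target.

```python
import re
from collections import defaultdict

# Constructed sample lines in Apache/nginx combined log format (not real traffic).
# The /hoteldruid/ prefix is an assumed install location.
SAMPLE_LOG = """\
203.0.113.7 - - [20/Jun/2025:10:01:02 +0000] "GET /hoteldruid/inizio.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [20/Jun/2025:10:02:10 +0000] "POST /hoteldruid/creadb.php HTTP/1.1" 200 2210 "-" "python-requests/2.32"
198.51.100.23 - - [20/Jun/2025:10:02:11 +0000] "POST /hoteldruid/creadb.php HTTP/1.1" 200 2305 "-" "python-requests/2.32"
198.51.100.23 - - [20/Jun/2025:10:02:12 +0000] "POST /hoteldruid/creadb.php HTTP/1.1" 500 1800 "-" "python-requests/2.32"
192.0.2.44 - - [20/Jun/2025:10:05:00 +0000] "GET /hoteldruid/creadb.php HTTP/1.1" 200 4100 "-" "Mozilla/5.0"
192.0.2.44 - - [20/Jun/2025:10:05:30 +0000] "POST /hoteldruid/creadb.php?step=2 HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# Combined log format: ip ident user [timestamp] "METHOD path proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# The database-creation page named in the advisory text.
INSTALLER_PAGE = "/creadb.php"


def parse_line(line):
    """Parse one access-log line into a dict, or return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["path"] = rec["path"].split("?", 1)[0]  # drop the query string before matching
    return rec


def find_installer_posts(log_text):
    """Return every POST to creadb.php, grouped by client IP."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["method"] == "POST" and rec["path"].endswith(INSTALLER_PAGE):
            hits[rec["ip"]].append(rec)
    return hits


def alerts(log_text, threshold=2):
    """
    Flag clients that POST to creadb.php at least `threshold` times.
    A legitimate install submits the form once; repeated POSTs, especially ones
    answered with 5xx, match the malformed-request pattern in the advisory.
    `threshold` is an assumed tuning value, not something the advisory specifies.
    """
    found = []
    for ip, recs in find_installer_posts(log_text).items():
        if len(recs) >= threshold:
            found.append({
                "ip": ip,
                "count": len(recs),
                "statuses": sorted({r["status"] for r in recs}),
                "first_seen": recs[0]["ts"],
            })
    return sorted(found, key=lambda a: -a["count"])


if __name__ == "__main__":
    for a in alerts(SAMPLE_LOG):
        print(f"ALERT {a['ip']} posted to creadb.php {a['count']}x "
              f"(statuses {a['statuses']}, first seen {a['first_seen']})")
```

On the constructed sample the script flags 198.51.100.23 (three POSTs, one answered with 500) and ignores 192.0.2.44, whose single POST followed by a redirect looks like a normal form submission. Independently of this CVE, an installer page has no business staying reachable once the database exists; restricting or removing creadb.php at the web-server layer after installation is general hardening advice, not something the advisory itself states.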
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | hoteldruid | < 3.0.8-1 (sid) | 3.0.8-1 (sid) |
| digitaldruid | hoteldruid | — | — |
| digitaldruid | hoteldruid | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | HIGH | — |
Note that the NVD vector carries no confidentiality impact (C:N) even though the description reports disclosure of the administrator username, password hash and salt; the 7.5 therefore scores only the denial-of-service outcome, and the credential-disclosure path should be weighed separately when prioritising.
GHSA
GHSA-754w-9jq2-jm5g (ghsa_unreviewed, 2025-06-20): CVE-2025-44203, severity HIGH, CWE-209. Description identical to the one above.
OSV
CVE-2025-44203 (osv, 2025-06-20, CVSS 7.5): severity HIGH. Description identical to the one above.
Debian
CVE-2025-44203, package hoteldruid (vendor_debian, 2025, CVSS 7.5): severity HIGH. Description identical to the one above.
Scope: local
bookworm: open
bullseye: open
sid: resolved (fixed in 3.0.8-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.