id: unauth-hoteldruid-panel info: name: Hoteldruid Management Panel Access author: princechaddha severity: high description: A vulnerability in Hoteldruid Panel allows remote unauthenticated users access to the management portal without authentication. reference: - https://github.com/nomi-sec/PoC-in-GitHub/blob/master/2021/CVE-2021-42949.json - https://www.hoteldruid.com/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 tags: hoteldruid,panel,unauth metadata: max-request: 2 http: - method: GET path: - "{{BaseURL}}/hoteldruid/inizio.php" - "{{BaseURL}}/inizio.php" matchers-condition: and matchers: - type: status status: - 200 - type: word part: body words: - " HotelDruid " - "INSERT:" - "TABLES:" condition: and