{"url":"http://public2.vulnerablecode.io/api/packages/45246?format=json","purl":"pkg:deb/debian/hoteldruid@2.3.0-2?distro=sid","type":"deb","namespace":"debian","name":"hoteldruid","version":"2.3.0-2","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.3.2-1","latest_non_vulnerable_version":"3.0.8-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/205666?format=json","vulnerability_id":"VCID-aqnd-e4hc-wkfv","summary":"HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL Injection vulnerability in \"id_utente_mod\" parameter in gestione_utenti.php file that can result in An attacker can dump all the database records of backend webserver. This attack appear to be exploitable via the attack can be done by anyone via specially crafted sql query passed to the \"id_utente_mod=1\" parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000871","reference_id":"","reference_type":"","scores":[{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52896","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000871"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917099","reference_id":"917099","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917099"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45246?format=json","purl":"pkg:deb/debian/hoteldruid@2.3.0-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hoteldruid@2.3.0-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/45247?format=json","purl":"pkg:deb/debian/hoteldruid@3.0.1-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2nn9-rgza-87d9"},{"vulnerability":"VCID-4srd-dyed-eyb3"},{"vulnerability":"VCID-558m-mc3y-gkda"},{"vulnerability":"VCID-8fx9-nzvp-ayca"},{"vulnerability":"VCID-bet7-9s79-sqgx"},{"vulnerability":"VCID-bxr7-mb6r-k3fq"},{"vulnerability":"VCID-cfps-neu3-e3cs"},{"vulnerability":"VCID-eh1x-tdqf-eugs"},{"vulnerability":"VCID-etv3-tzr4-wber"},{"vulnerability":"VCID-hn36-tbmp-pfey"},{"vulnerability":"VCID-jt8r-epyb-6ue8"},{"vulnerability":"VCID-jv6q-8jm8-6ubr"},{"vulnerability":"VCID-kx2f-y9xu-m3gp"},{"vulnerability":"VCID-mjg4-ypwn-h3dk"},{"vulnerability":"VCID-n6bb-64gm-67ba"},{"vulnerability":"VCID-pqug-d16y-x3fs"},{"vulnerability":"VCID-pu4m-tx6g-k7cb"},{"vulnerability":"VCID-py67-h37a-kkc7"},{"vulnerability":"VCID-qbz2-j8pb-eqhu"},{"vulnerability":"VCID-ran2-h83t-wke6"},{"vulnerability":"VCID-smee-4ac2-m7dc"},{"vulnerability":"VCID-tf4k-sdp1-tudg"},{"vulnerability":"VCID-wv1z-u3ra-3uhw"},{"vulnerability":"VCID-z46c-xy46-skbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hoteldruid@3.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/45245?format=json","purl":"pkg:deb/debian/hoteldruid@3.0.4-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8fx9-nzvp-ayca"},{"vulnerability":"VCID-bxr7-mb6r-k3fq"},{"vulnerability":"VCID-cfps-neu3-e3cs"},{"vulnerability":"VCID-eh1x-tdqf-eugs"},{"vulnerability":"VCID-etv3-tzr4-wber"},{"vulnerability":"VCID-hn36-tbmp-pfey"},{"vulnerability":"VCID-jt8r-epyb-6ue8"},{"vulnerability":"VCID-jv6q-8jm8-6ubr"},{"vulnerability":"VCID-kx2f-y9xu-m3gp"},{"vulnerability":"VCID-pqug-d16y-x3fs"},{"vulnerability":"VCID-py67-h37a-kkc7"},{"vulnerability":"VCID-qbz2-j8pb-eqhu"},{"vulnerability":"VCID-ran2-h83t-wke6"},{"vulnerability":"VCID-smee-4ac2-m7dc"},{"vulnerability":"VCID-tf4k-sdp1-tudg"},{"vulnerability":"VCID-wv1z-u3ra-3uhw"},{"vulnerability":"VCID-z46c-xy46-skbf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hoteldruid@3.0.4-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/45248?format=json","purl":"pkg:deb/debian/hoteldruid@3.0.8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hoteldruid@3.0.8-1%3Fdistro=sid"}],"aliases":["CVE-2018-1000871"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aqnd-e4hc-wkfv"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hoteldruid@2.3.0-2%3Fdistro=sid"}