Design/Logic Flaw

2019-06-0721:29:00

PRIOn knowledge base

www.prio-n.com

5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.4%

JSON

In Hoteldruid before 2.3.1, a division by zero was discovered in $num_tabelle in tab_tariffe.php (aka the numtariffa1 parameter) due to the mishandling of non-numeric values, as demonstrated by the /tab_tariffe.php?anno=[YEAR]&numtariffa1=1a URI. It could allow an administrator to conduct remote denial of service (disrupting certain business functions of the product).

CPENameOperatorVersion
hoteldruidlt2.3.1

CPE	Name	Operator	Version
	hoteldruid	lt	2.3.1

References

www.hoteldruid.com/en/download.html

metamorfosec.com/Files/Advisories/METS-2019-005-A_division_by_zero_in_Hoteldruid_before_v2.3.1.txt