
Hoteldruid Management Panel Access

By kannthu

High
Vidoc Module
#hoteldruid #panel #unauth
Description

What is "Hoteldruid Management Panel Access"?

The "Hoteldruid Management Panel Access" module is designed to detect a vulnerability in the Hoteldruid Panel software. This vulnerability allows remote, unauthenticated users to access the management portal. The severity of this vulnerability is classified as high.

This module was authored by princechaddha.

Impact

If exploited, this vulnerability could potentially allow unauthorized individuals to gain access to sensitive information and perform unauthorized actions within the Hoteldruid management panel.

How does the module work?

The "Hoteldruid Management Panel Access" module works by sending HTTP requests to specific paths ("/hoteldruid/inizio.php" and "/inizio.php") and then applying matching conditions to determine if the vulnerability exists.

The matching conditions for this module include:

- Checking the response status code to ensure it is 200 (OK).
- Searching for specific words in the response body, including "<title> HotelDruid </title>", "INSERT:", and "TABLES:".

If both matching conditions are met, the module will report the vulnerability.

Here is an example of an HTTP request sent by the module:

GET /hoteldruid/inizio.php HTTP/1.1
Host: [target_host]

It is important to note that this module does not provide any fixes or solutions for the detected vulnerability. Its purpose is solely to identify the presence of the vulnerability.
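To see whether the two paths above have already been requested and served on a host you operate, the following added example (not part of the Vidoc module or of this page) scans web access logs for them. It assumes the combined log format and that the remote-user field is filled in when the web server enforces authentication; the log lines are constructed.

```python
import re

# Paths requested by the module, as listed on this page.
PANEL_PATHS = {"/hoteldruid/inizio.php", "/inizio.php"}

# Assumption: logs use the common/combined format (ip ident user [time] "request" status ...).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IP ranges, made-up user name).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2024:09:12:01 +0000] "GET /hoteldruid/inizio.php HTTP/1.1" 200 18432 "-" "curl/8.0"',
    '203.0.113.7 - - [10/Mar/2024:09:12:02 +0000] "GET /inizio.php HTTP/1.1" 404 153 "-" "curl/8.0"',
    '198.51.100.23 - frontdesk [10/Mar/2024:09:15:40 +0000] "GET /hoteldruid/inizio.php?x=1 HTTP/1.1" 200 18510 "-" "Mozilla/5.0"',
    '192.0.2.50 - - [10/Mar/2024:09:20:11 +0000] "GET //inizio.php HTTP/1.1" 401 0 "-" "-"',
    '192.0.2.50 - - [10/Mar/2024:09:20:12 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "-"',
]

def classify(lines):
    """Return (ip, path, status, verdict) for every request to a panel path."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed or non-HTTP line
        # Drop the query string and collapse repeated slashes before comparing.
        path = re.sub(r"/+", "/", m["target"].split("?", 1)[0])
        if path not in PANEL_PATHS:
            continue
        status = int(m["status"])
        if status == 200 and m["user"] == "-":
            verdict = "served-unauthenticated"  # matches the module's status condition
        elif status == 200:
            verdict = "served-authenticated"
        else:
            verdict = "not-served"
        findings.append((m["ip"], path, status, verdict))
    return findings

if __name__ == "__main__":
    for finding in classify(SAMPLE_LOG):
        print(*finding, sep="\t")
```

A "served-unauthenticated" line only satisfies the status condition; access logs do not record the response body, so the word condition still has to be confirmed against the page itself.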

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /hoteldruid/inizio.p..., /inizio.php
Matching conditions
status: 200 and
word: <title> HotelDruid </title>, <b>INSERT:<...
Passive global matcher
No matching conditions.
On match action
Report vulnerability