Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Hoteldruid Management Panel Access

By kannthu

Vidoc logoVidoc Module

What is the "Hoteldruid Management Panel Access?"

The "Hoteldruid Management Panel Access" module is designed to detect a vulnerability in the Hoteldruid Panel software. This vulnerability allows remote unauthenticated users to access the management portal without authentication. The severity of this vulnerability is classified as high.

This module was authored by princechaddha.


If exploited, this vulnerability could potentially allow unauthorized individuals to gain access to sensitive information and perform unauthorized actions within the Hoteldruid management panel.

How the module works?

The "Hoteldruid Management Panel Access" module works by sending HTTP requests to specific paths ("/hoteldruid/inizio.php" and "/inizio.php") and then applying matching conditions to determine if the vulnerability exists.

The matching conditions for this module include:

- Checking the response status code to ensure it is 200 (OK). - Searching for specific words in the response body, including "", "INSERT:", and "TABLES:".

If both matching conditions are met, the module will report the vulnerability.

Here is an example of an HTTP request sent by the module:

GET /hoteldruid/inizio.php HTTP/1.1
Host: [target_host]

It is important to note that this module does not provide any fixes or solutions for the detected vulnerability. Its purpose is solely to identify the presence of the vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
status: 200and
word: <title> HotelDruid </title>, <b>INSERT:<...
Passive global matcher
No matching conditions.
On match action
Report vulnerability