In Hoteldruid before 2.3.1, a division by zero was discovered in $num_tabelle in tab_tariffe.php (aka the numtariffa1 parameter) due to the…
mitre·CWE-369·Published 2019-06-07
In Hoteldruid before 2.3.1, a division by zero was discovered in $num_tabelle in tab_tariffe.php (aka the numtariffa1 parameter) due to the mishandling of non-numeric values, as demonstrated by the /tab_tariffe.php?anno=[YEAR]&numtariffa1=1a URI. It could allow an administrator to conduct remote denial of service (disrupting certain business functions of the product).
In Hoteldruid before 2.3.1, a division by zero was discovered in $num_tabelle in tab_tariffe.php (aka the numtariffa1 parameter) due to the mishandling of non-numeric values, as demonstrated by the /tab_tariffe.php?anno=[YEAR]&numtariffa1=1a URI. It could allow an administrator to conduct remote denial of service (disrupting certain business functions of the product).
En Hoteldruid versión anterior a 2.3.1, fue encontrada una división por cero en el archivo $ num_tabelle en tab_tariffe.php (también se conoce como el parámetro numtariffa1) debido al mal manejo de los valores no numéricos, como lo demuestra el URI /tab_tariffe.php?anno='YYAR] & numtariffa1=1a. Podría permitir a un administrador realizar una denegación de servicio remota (interrumpir ciertas funciones comerciales del producto).
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 4.0 | 8.0 | 2.9 | AV:N/AC:L/Au:S/C:N/I:N/A:P |
| 3.0 | Primary | NVD | 4.9 | 1.2 | 3.6 | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |