HotelDruid 3.0.3 - Remote Code Execution via Create New Room Name Field
HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room module.