Filtered by vendor Notrinos
Subscribe
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24788 | 1 Notrinos | 1 Notrinoserp | 2023-12-10 | N/A | 8.8 HIGH |
| NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php. | |||||
| CVE-2022-2927 | 1 Notrinos | 1 Notrinoserp | 2023-12-10 | N/A | 9.8 CRITICAL |
| Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7. | |||||
| CVE-2022-2921 | 1 Notrinos | 1 Notrinoserp | 2023-12-10 | N/A | 8.8 HIGH |
| Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update languages, install/activate extensions, install/activate themes and other permissive actions. | |||||
| CVE-2022-2871 | 1 Notrinos | 1 Notrinoserp | 2023-12-10 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7. | |||||
| CVE-2022-2965 | 1 Notrinos | 1 Notrinoserp | 2023-12-10 | N/A | 4.3 MEDIUM |
| Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7. | |||||