The vulnerability of the Enterprise Resource Management System “Galaktika ERP” allows a hacker to obtain arbitrary files from the server or overwrite arbitrary files with fixed data.

The vulnerability of the GALAXY ERP resource management system is related to architectural weaknesses in the components .res files that have XML file export functionality. Exploiting this vulnerability allows a malicious actor to read or re-write any file on the server by entering the file path...