17 matches found
EUVD-2024-52176
Malicious code in bioql PyPI...
CVE-2025-58156 Centurion ERP users can view hashed authentication tokens that belong to other users
Centurion ERP is an ERP with a focus on ITSM and automation. In versions starting from 1.12.0 to before 1.21.0, an authenticated user can view all authentication token details within the database. This includes the actual token, although only the hashed token. This does not include any un-hashed...
CVE-2025-58156 Centurion ERP users can view hashed authentication tokens that belong to other users
Centurion ERP is an ERP with a focus on ITSM and automation. In versions starting from 1.12.0 to before 1.21.0, an authenticated user can view all authentication token details within the database. This includes the actual token, although only the hashed token. This does not include any un-hashed...
CVE-2024-49373
No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not a part of. Version 1.2.1 fixes the problem...
CVE-2024-53855
Centurion ERP (Enterprise Resource Planning) is a simple application developed to provide open source IT management with a large emphasis on the IT Service Management (ITSM) modules. A user who is authenticated and has view permissions for a ticket can view the tickets of another organization they...
CVE-2024-53855
Centurion ERP (Enterprise Resource Planning) is a simple application developed to provide open source IT management with a large emphasis on the IT Service Management (ITSM) modules. A user who is authenticated and has view permissions for a ticket can view the tickets of another organization they...
CVE-2024-53855 User can view tickets from organizations they're not a part of in centurion_erp
Centurion ERP (Enterprise Resource Planning) is a simple application developed to provide open source IT management with a large emphasis on the IT Service Management (ITSM) modules. A user who is authenticated and has view permissions for a ticket can view the tickets of another organization they...
CVE-2024-53855 User can view tickets from organizations they're not a part of in centurion_erp
Centurion ERP (Enterprise Resource Planning) is a simple application developed to provide open source IT management with a large emphasis on the IT Service Management (ITSM) modules. A user who is authenticated and has view permissions for a ticket can view the tickets of another organization they...
CVE-2024-53855
Centurion ERP prior to 1.3.1 allows an authenticated user with certain ticket-view permissions (view_ticket_change, view_ticket_incident, view_ticket_request, view_ticket_problem) to view tickets belonging to other organizations when using the API endpoints for tickets. The UI and Project Tasks a...
CVE-2024-53855 User can view tickets from organizations they're not a part of in centurion_erp
Centurion ERP (Enterprise Resource Planning) is a simple application developed to provide open source IT management with a large emphasis on the IT Service Management (ITSM) modules. A user who is authenticated and has view permissions for a ticket can view the tickets of another organization they...
PT-2024-35952 · Unknown · Centurion Erp
Name of the Vulnerable Software and Affected Versions: Centurion ERP versions prior to 1.3.1. Description: A user with view permissions for a ticket can view the tickets of another organization they are not a part of, if they have specific permissions such as view ticket change, view ticket...
No Fuss Computing Centurion ERP Security Vulnerability
No Fuss Computing Centurion ERP is an open source enterprise resource planning ERP software from No Fuss Computing. A security vulnerability exists in No Fuss Computing Centurion ERP versions prior to 1.3.1, which originated when an authenticated user with work order viewing privileges could view...
CVE-2024-49373
No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not a part of. Version 1.2.1 fixes the problem...
CVE-2024-49373 Centurion ERP user can view projects from organizations they're not a part of
No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not a part of. Version 1.2.1 fixes the problem...
CVE-2024-49373 Centurion ERP user can view projects from organizations they're not a part of
No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not a part of. Version 1.2.1 fixes the problem...
CVE-2024-49373
CVE-2024-49373 affects No Fuss Computing Centurion ERP. Prior to version 1.2.1, an authenticated user can view projects within organizations they do not belong to. The issue is fixed in version 1.2.1. Affected: Centurion ERP (No Fuss Computing); Root cause: exposed access to cross-organization pr...
CVE-2024-49373 Centurion ERP user can view projects from organizations they're not a part of
No Fuss Computing Centurion ERP is open source enterprise resource planning (ERP) software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not a part of. Version 1.2.1 fixes the problem...