CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7 Vendor Homepage:...

8.8CVSS8.8AI score0.00872EPSS

Exploits4

0day.today•added 2023/04/07 12:0 a.m.•176 views

NotrinosERP 0.7 - Authenticated Blind SQL Injection Exploit

Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7 Vendor Homepage: https://notrinos.com/ Version: 0...

8.8CVSS8.7AI score0.00872EPSS

Exploits4

Exploit DB•added 2023/04/07 12:0 a.m.•233 views

NotrinosERP 0.7 - Authenticated Blind SQL Injection

8.8CVSS7AI score0.00872EPSS

Exploits4

Github Security Blog•added 2023/03/23 9:30 p.m.•41 views

NotrinosERP vulnerable to SQL Injection

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...

8.8CVSS9.3AI score0.00872EPSS

Exploits4References7Affected Software1

OSV•added 2023/03/23 9:30 p.m.•41 views

GHSA-4PQP-69M3-F8PP NotrinosERP vulnerable to SQL Injection

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...

8.8CVSS8.9AI score0.00872EPSS

Exploits4References6

OSV•added 2023/03/23 9:15 p.m.•8 views

CVE-2023-24788

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...

8.8CVSS9.2AI score0.00872EPSS

Exploits4References5

NVD•added 2023/03/23 9:15 p.m.•7 views

CVE-2023-24788

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...

8.8CVSS8.9AI score0.00872EPSS

Exploits4References5

Prion•added 2023/03/23 9:15 p.m.•5 views

Sql injection

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...

6.5CVSS8.9AI score0.00872EPSS

Exploits4References5Affected Software1

Vulnrichment•added 2023/03/23 12:0 a.m.•6 views

CVE-2023-24788

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...

8.9AI score0.00872EPSS

Exploits4References5

Positive Technologies•added 2023/03/23 12:0 a.m.•2 views

PT-2023-19782 · Unknown · Notrinoserp

Name of the Vulnerable Software and Affected Versions: NotrinosERP version 0.7 Description: The issue is a SQL injection vulnerability that can be exploited via the OrderNumber parameter at the "/NotrinosERP/sales/customer delivery.php" API endpoint. This allows for potential unauthorized access ...

8.8CVSS8.5AI score0.00872EPSS

Exploits4References12

CVE•added 2023/03/23 12:0 a.m.•54 views

CVE-2023-24788

NotrinosERP v0.7 contains a SQL injection vulnerability exploitable via the OrderNumber parameter in /NotrinosERP/sales/customer_delivery.php. The vulnerability is described as an authenticated, blind (time-based) SQLi on the OrderNumber GET parameter, allowing an attacker with valid session to i...

8.8CVSS8.8AI score0.00872EPSS

Exploits4References5Affected Software1