40 matches found
EUVD-2023-0869
Malicious code in bioql PyPI...
EUVD-2022-6571
Malicious code in bioql PyPI...
EUVD-2022-6606
Malicious code in bioql PyPI...
EUVD-2022-35186
Malicious code in bioql PyPI...
CVE-2023-24788
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
CVE-2022-2965
Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7...
CVE-2022-2871
Cross-site Scripting XSS - Stored in GitHub repository notrinos/notrinoserp prior to 0.7...
CVE-2022-2927
Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7...
NotrinosERP 0.7 SQL Injection
Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7 Vendor Homepage:...
NotrinosERP 0.7 - Authenticated Blind SQL Injection Exploit
Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7 Vendor Homepage: https://notrinos.com/ Version: 0...
NotrinosERP 0.7 - Authenticated Blind SQL Injection
Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7 Vendor Homepage:...
NotrinosERP vulnerable to SQL Injection
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
GHSA-4PQP-69M3-F8PP NotrinosERP vulnerable to SQL Injection
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
CVE-2023-24788
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
CVE-2023-24788
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
Sql injection
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
PT-2023-19782 · Unknown · Notrinoserp
Name of the Vulnerable Software and Affected Versions: NotrinosERP version 0.7 Description: The issue is a SQL injection vulnerability that can be exploited via the OrderNumber parameter at the "/NotrinosERP/sales/customer delivery.php" API endpoint. This allows for potential unauthorized access ...
CVE-2023-24788
NotrinosERP v0.7 contains a SQL injection vulnerability exploitable via the OrderNumber parameter in /NotrinosERP/sales/customer_delivery.php. The vulnerability is described as an authenticated, blind (time-based) SQLi on the OrderNumber GET parameter, allowing an attacker with valid session to i...
CVE-2023-24788
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
notrinoserp SQL注入漏洞
notrinoserp is a web-based ERP by Phương Individual Developer, an accounting system written in PHP and MySql. A SQL injection vulnerability exists in notrinoserp version 0.7, which originates from the OrderNumber parameter in /NotrinosERP/sales/customerdelivery.php contains a SQL injection...