18 matches found
EUVD-2023-0869
Malicious code in bioql PyPI...
CVE-2023-24788
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
CVE-2025-3532
A vulnerability classified as problematic was found in YouDianCMS 9.5.21. This vulnerability affects unknown code of the file /App/Tpl/Member/Default/Order/index.html.Attackers. The manipulation of the argument OrderNumber leads to cross site scripting. The attack can be initiated remotely. The...
CVE-2025-3532
A vulnerability classified as problematic was found in YouDianCMS 9.5.21. This vulnerability affects unknown code of the file /App/Tpl/Member/Default/Order/index.html.Attackers. The manipulation of the argument OrderNumber leads to cross site scripting. The attack can be initiated remotely. The...
CVE-2025-3532 YouDianCMS index.html.Attackers cross site scripting
A vulnerability classified as problematic was found in YouDianCMS 9.5.21. This vulnerability affects unknown code of the file /App/Tpl/Member/Default/Order/index.html.Attackers. The manipulation of the argument OrderNumber leads to cross site scripting. The attack can be initiated remotely. The...
CVE-2025-3532 YouDianCMS index.html.Attackers cross site scripting
A vulnerability classified as problematic was found in YouDianCMS 9.5.21. This vulnerability affects unknown code of the file /App/Tpl/Member/Default/Order/index.html.Attackers. The manipulation of the argument OrderNumber leads to cross site scripting. The attack can be initiated remotely. The...
PT-2025-16177 · Unknown · Youdiancms
Name of the Vulnerable Software and Affected Versions: YouDianCMS version 9.5.21 Description: A vulnerability was found in YouDianCMS, affecting unknown code of the file /App/Tpl/Member/Default/Order/index.html. The manipulation of the OrderNumber argument leads to cross-site scripting. The attac...
SQL Injection
notrinos/notrinos-erp is vulnerable to SQL Injection. The vulnerability exists because the $transno parameter is not properly sanitized in the adjustshippingcharge function of salesdeliverydb.inc, which allows an attacker to inject and execute malicious SQL queries through the OrderNumber...
CVE-2023-24788
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
CVE-2023-24788
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
SQL injection
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
CVE-2023-24788
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
PT-2023-19782 · Unknown · Notrinoserp
Name of the Vulnerable Software and Affected Versions: NotrinosERP version 0.7 Description: The issue is a SQL injection vulnerability that can be exploited via the OrderNumber parameter at the "/NotrinosERP/sales/customer delivery.php" API endpoint. This allows for potential unauthorized access ...
CVE-2023-24788
NotrinosERP v0.7 contains a SQL injection vulnerability exploitable via the OrderNumber parameter in /NotrinosERP/sales/customer_delivery.php. The vulnerability is described as an authenticated, blind (time-based) SQLi on the OrderNumber GET parameter, allowing an attacker with valid session to i...
CVE-2023-24788
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...
notrinoserp SQL injection vulnerability
notrinoserp is a web-based ERP by Phương Individual Developer, an accounting system written in PHP and MySQL. A SQL injection vulnerability exists in notrinoserp version 0.7; it originates from the OrderNumber parameter in /NotrinosERP/sales/customerdelivery.php, which contains a SQL injection...
baur.de XSS vulnerability
Vulnerable URL: https://www.baur.de/is-bin/INTERSHOP.enfinity/WFS/BaurDe-Shop-Site/deDE/-/EUR/ViewProductDetail-OrderNumber?OrderNumber=605567...
Unfixed XSS vulnerability at secure.instantssl.com
Security researcher Fabian Fingerle submitted on 04/08/2008 a cross-site scripting (XSS) vulnerability affecting secure.instantssl.com, which at the time of submission ranked 47936 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/08/2008. ...