6 matches found
EUVD-2024-42680
Malicious code in bioql PyPI...
CVE-2024-47769
IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using the reference usage here, it is identified that the public endpoint is accessible to an unauthenticated user. The user's input is directly appended to the join statement...
CVE-2024-47769 IDURAR has a Path Traversal (unauthenticated user can read sensitive data)
IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using the reference usage here, it is identified that the public endpoint is accessible to an unauthenticated user. The user's input is directly appended to the join statement...
CVE-2024-47769 IDURAR has a Path Traversal (unauthenticated user can read sensitive data)
IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using the reference usage here, it is identified that the public endpoint is accessible to an unauthenticated user. The user's input is directly appended to the join statement...
CVE-2024-47769
Summary: CVE-2024-47769 affects IDURAR, an open-source ERP/CRM. The vulnerability is in corePublicRouter.js where a public endpoint is accessible to unauthenticated users and user input is directly appended to a join statement, enabling a URL-encoded payload to be processed. This can allow an att...
CVE-2024-47769 IDURAR has a Path Traversal (unauthenticated user can read sensitive data)
IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using the reference usage here, it is identified that the public endpoint is accessible to an unauthenticated user. The user's input is directly appended to the join statement...