NotrinosERP 0.7 SQL Injection

Exploit Title: NotrinosERP 0.7 - Authenticated Blind SQL Injection Date: 11-03-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md Software Link: https://github.com/notrinos/NotrinosERP/releases/tag/0.7 Vendor Homepage:...

NotrinosERP vulnerable to SQL Injection

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...

GHSA-4PQP-69M3-F8PP NotrinosERP vulnerable to SQL Injection

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...

Sql injection

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...

CVE-2023-24788

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...

CVE-2023-24788

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customerdelivery.php...

notrinoserp SQL注入漏洞

notrinoserp is a web-based ERP by Phương Individual Developer, an accounting system written in PHP and MySql. A SQL injection vulnerability exists in notrinoserp version 0.7, which originates from the OrderNumber parameter in /NotrinosERP/sales/customerdelivery.php contains a SQL injection...