Lucene search
K

6 matches found

0day.today
0day.today
added 2019/01/11 12:0 a.m.47 views

OpenSource ERP 6.3.1. - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: OpenSource ERP SQL Injection Exploit Author: Emre ÖVÜNÇ Vendor Homepage: http://www.nelson-it.ch Software Link: http://sourceforge.net/projects/opensourceerp/files/Windows/erp6.3.1.exe/download Version: v6.3.1 Tested on: Windows...

7.5CVSS0.1AI score0.2471EPSS
Exploits6
NVD
NVD
added 2019/01/10 5:29 p.m.28 views

CVE-2019-5893

Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter...

9.8CVSS9.9AI score0.2471EPSS
Exploits6References2
CVE
CVE
added 2019/01/10 5:0 p.m.63 views

CVE-2019-5893

OpenSource ERP v6.3.1 is affected by a SQL Injection via the db/utils/query/data.xml query parameter. The root cause is improper handling/validation of input in the query endpoint, allowing injection attacks. A PoC exists (and multiple exploit references describe POSTing to /db/utils/query/data.x...

9.8CVSS9.9AI score0.2471EPSS
Exploits6References2Affected Software1
Packet Storm
Packet Storm
added 2019/01/10 12:0 a.m.54 views

OpenSource ERP 6.3.1 SQL Injection

Exploit Title: OpenSource ERP SQL Injection Date: 10.01.2019 Exploit Author: Emre AVANA Vendor Homepage: http://www.nelson-it.ch Software Link: http://sourceforge.net/projects/opensourceerp/files/Windows/erp6.3.1.exe/download Version: v6.3.1 Tested on: Windows CVE-2019-5893...

9.7AI score0.2471EPSS
Exploits6
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.23 views

OpenSource ERP 6.3.1. - SQL Injection

OpenSource ERP 6.3.1. - SQL Injection Exploit Title: OpenSource ERP SQL Injection Date: 10.01.2019 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: http://www.nelson-it.ch Software Link: http://sourceforge.net/projects/opensourceerp/files/Windows/erp6.3.1.exe/download Version: v6.3.1 Tested on: Window...

7.5CVSS10AI score0.2471EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/01/10 12:0 a.m.52 views

OpenSource ERP 6.3.1. - SQL Injection

Exploit Title: OpenSource ERP SQL Injection Date: 10.01.2019 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: http://www.nelson-it.ch Software Link: http://sourceforge.net/projects/opensourceerp/files/Windows/erp6.3.1.exe/download Version: v6.3.1 Tested on: Windows CVE-2019-5893...

9.8CVSS9.6AI score0.2471EPSS
Exploits6
Rows per page
Query Builder