GHSA-4J2X-JH4M-FQV6 OpenSTAManager has a SQL Injection in the Prima Nota module

Summary Critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module of OpenSTAManager v2.9.8 allows authenticated attackers to extract complete database contents including user credentials, customer PII, and financial records through XML error messages by injecting...

OpenSTAManager 安全漏洞

OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager prior to v2.9.8 contained security vulnerabilities. These vulnerabilities stemmed from insufficient validation of the iddocumenti GET parameters in the Prima...