
5 matches found

EUVD
added 2026/03/03 9:51 p.m. · 4 views

EUVD-2026-9326

OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain Reflected XSS vulnerabilities in invoice/order/contract modification modals. The application fails to properly sanitize user-supplied input from the righe GET...

5.1 CVSS · 6 AI score · 0.0002 EPSS
Exploits 3 · References 1

CNNVD
added 2026/02/12 12:0 a.m. · 2 views

Filosoft Comerc32 Security Vulnerability

Filosoft Comerc32 is a commercial invoicing and management software developed by the Portuguese company Filosoft. Version Filosoft Comerc32 Commercial Invoicing 16.0.0.3 contains a security vulnerability. This vulnerability stems from a flaw in the comeinst.exe file, which may allow local attacke...

7.8 CVSS · 6.1 AI score · 0.00031 EPSS
Exploits 0 · References 3

NVD
added 2026/02/06 6:15 p.m. · 2 views

CVE-2026-24419

OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module's add.php file. The application fails to validate that comma-separated...

8.7 CVSS · 0.00013 EPSS
Exploits 3 · References 1

Vulnrichment
added 2024/10/04 2:45 p.m. · 40 views

CVE-2024-47769 IDURAR has a Path Traversal (unauthenticated user can read sensitive data)

IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using the reference usage here, it is identified that the public endpoint is accessible to an unauthenticated user. The user's input is directly appended to the join statement...

7.5 CVSS · 6.8 AI score · 0.00997 EPSS
Exploits 1 · References 2

Positive Technologies
added 2023/11/30 12:0 a.m. · 2 views

PT-2023-32664 · Unknown · Bigprof Online Invoicing System

Name of the Vulnerable Software and Affected Versions: BigProf Online Invoicing System version 2.6
Description: A vulnerability has been discovered in the BigProf Online Invoicing System, which does not sufficiently encode user-controlled input, resulting in persistent XSS through the...

6.3 CVSS · 5.3 AI score · 0.00191 EPSS
Exploits 0 · References 5