inoERP 0.6.1 CSRF / XSS / SQL Injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 === FOXMOLE - Security Advisory 2017-01-25 === inoERP - Multiple Issues Affected Versions ================= inoERP 0.6.1 Issue Overview ============== Vulnerability Type: SQL Injection, Cross Site Scripting, Cross Site Request Forgery, Session...

PLANET IP LFI / CSRF / XSS / Authentication Bypass

| | | | | | | | | | | | / | '\ \ /\ / / \ | | |/ | ' / | | | | \ V V / / | | | | | | \ \ /|| // ||||,|./|/ Security Adivisory 2016-04-06 www.orwelllabs.com Twitter:@orwelllabs mantra: ...not affect a product that is in scope for... AhHum! Overview ======== Technical Risk: high Likelihood of...