Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
IdurarappIdurar

4 matches found

CVE
CVEadded 2024/03/05 12:15 a.m.73 views

CVE-2024-25164

iA Path Traversal vulnerability exists in iDURAR v2.0.0, that allows unauthenticated attackers to expose sensitive files via the download functionality.

7.5CVSS6.7AI score0.0042EPSS
CVE
CVEadded 2023/12/30 11:15 p.m.63 views

CVE-2023-52265

IDURAR (aka idurar-erp-crm) through 2.0.1 allows stored XSS via a PATCH request with a crafted JSON email template in the /api/email/update data.

5.4CVSS5AI score0.00092EPSS
CVE
CVEadded 2024/10/04 3:15 p.m.55 views

CVE-2024-47769

IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using the reference usage here, it is identified that the public endpoint is accessible to an unauthenticated user. The user's input is directly appended to the join statement with...

7.5CVSS7.4AI score0.0058EPSS
CVE
CVEadded 2023/05/16 8:15 p.m.38 views

CVE-2023-27742

IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login.

9.8CVSS9.7AI score0.00266EPSS