Lucene search
NotrinosNotrinoserp
2 matches found
CVE-2022-2921
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update l...
8.8CVSS9AI score0.00138EPSS
CVE-2023-24788
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php.
8.8CVSS8.8AI score0.00631EPSS