notrinos/notrinos-erp is vulnerable to SQL Injection. The vulnerability exists because the $trans_no parameter is not properly sanitized in the adjust_shipping_charge function of sales_delivery_db.inc, which allows an attacker to inject and execute malicious SQL queries through the OrderNumber parameter in the customer_delivery.php endpoint.
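The following PHP is an added illustration of the defect class the advisory describes and of the fix a maintainer would apply; it is not NotrinosERP's own code, and the function signatures, table name (`debtor_trans`) and column name (`ov_freight`) are assumptions for the example. It shows an identifier parameter concatenated straight into SQL next to a hardened version that validates the value as a positive integer and binds it through a prepared statement, plus the same validation at the request boundary where a parameter such as OrderNumber is read.

```php
<?php
// Added illustration, not NotrinosERP code. Table and column names are assumed.

// UNSAFE PATTERN (what the advisory describes): $trans_no is interpolated
// directly into the query text, so any non-numeric input becomes part of
// the SQL statement the database parses.
function adjust_shipping_charge_unsafe(mysqli $db, $trans_no, float $charge): bool
{
    $sql = "UPDATE debtor_trans SET ov_freight = $charge WHERE trans_no = $trans_no";
    return $db->query($sql) !== false;
}

// HARDENED: enforce the expected type (a positive integer) before the value
// touches SQL, then bind it as a typed parameter so the database never treats
// the input as query syntax. Both checks are needed: binding alone would
// still accept junk, and validation alone still relies on string building.
function adjust_shipping_charge_safe(mysqli $db, $trans_no, float $charge): bool
{
    // FILTER_VALIDATE_INT rejects values such as "1 OR 1=1" or "1; ...",
    // non-numeric strings, and anything with surrounding garbage.
    $id = filter_var($trans_no, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('trans_no must be a positive integer');
    }

    $stmt = $db->prepare('UPDATE debtor_trans SET ov_freight = ? WHERE trans_no = ?');
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $db->error);
    }
    // 'd' binds a double, 'i' binds an integer; the value is sent out of band.
    $stmt->bind_param('di', $charge, $id);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// At the endpoint (e.g. where a request parameter like OrderNumber is read):
// validate once at the boundary and pass an int downstream, so no later
// helper ever sees a raw string. $query is the request array (e.g. $_GET).
function order_number_from_request(array $query): int
{
    $id = filter_var($query['OrderNumber'] ?? '', FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        http_response_code(400);
        exit('invalid OrderNumber');
    }
    return $id;
}

// Example wiring (assumed connection details):
// $db = new mysqli('localhost', 'user', 'pass', 'erp');
// $trans_no = order_number_from_request($_GET);
// adjust_shipping_charge_safe($db, $trans_no, 12.50);
```

For detection, a web server or application log entry in which OrderNumber carries anything other than digits is a direct indicator that the unsafe path is being probed; the hardened version above turns such requests into a 400 instead of a query.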
packetstormsecurity.com/files/171804/NotrinosERP-0.7-SQL-Injection.html
github.com/advisories/GHSA-4pqp-69m3-f8pp
github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md
github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.py
github.com/arvandy/CVE/blob/main/NotrinosERP/POC.md
github.com/notrinos/NotrinosERP
github.com/notrinos/NotrinosERP/blob/master/sales/includes/db/sales_delivery_db.inc#L204