CVEDB API

Vulnerabilities

Vulnerable Software

Notrinos: >> Notrinoserp Security Vulnerabilities

CVE-2023-24788

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php.

CVSS Score

8.8

EPSS Score

0.006

Published

2023-03-23

CVE-2022-2965

Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7.

CVSS Score

6.4

EPSS Score

0.001

Published

2022-08-23

CVE-2022-2927

Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7.

CVSS Score

7.3

EPSS Score

0.001

Published

2022-08-22

CVE-2022-2921

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update languages, install/activate extensions, install/activate themes and other permissive actions.

CVSS Score

8.8

EPSS Score

0.001

Published

2022-08-21

CVE-2022-2871

Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7.

CVSS Score

4.6

EPSS Score

0.002

Published

2022-08-17

Page 1

Vulnerabilities

Vulnerable Software

Notrinos: >> Notrinoserp Security Vulnerabilities

Products

Pricing

Contact Us