Skip to main content

Enterprise Resource Planning

5 CVEs product

Monthly

CVE-2021-30114 MEDIUM POC This Month

Web-School ERP V 5.0 contains a cross-site request forgery (CSRF) vulnerability that allows a remote attacker to create a voucher payment request through module/accounting/voucher/create. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Enterprise Resource Planning
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-30113 MEDIUM POC This Month

A blind XSS vulnerability exists in Web-School ERP V 5.0 via (Add Events) in event name and description fields. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Enterprise Resource Planning
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-30112 MEDIUM POC This Month

Web-School ERP V 5.0 contains a cross-site request forgery (CSRF) vulnerability that allows a remote attacker to create a student_leave_application request through. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Enterprise Resource Planning
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-30111 MEDIUM POC This Month

A stored XSS vulnerability exists in Web-School ERP V 5.0 via (Add Events) in the event name and description fields. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Enterprise Resource Planning
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2015-1312 HIGH This Week

The Dealer Portal in SAP ERP does not properly restrict access, which allows remote attackers to obtain sensitive information, gain privileges, and possibly have other unspecified impact via unknown. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Enterprise Resource Planning
NVD
CVSS 2.0
7.5
EPSS
0.5%
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Web-School ERP V 5.0 contains a cross-site request forgery (CSRF) vulnerability that allows a remote attacker to create a voucher payment request through module/accounting/voucher/create. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Enterprise Resource Planning
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

A blind XSS vulnerability exists in Web-School ERP V 5.0 via (Add Events) in event name and description fields. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Enterprise Resource Planning
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Web-School ERP V 5.0 contains a cross-site request forgery (CSRF) vulnerability that allows a remote attacker to create a student_leave_application request through. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Enterprise Resource Planning
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A stored XSS vulnerability exists in Web-School ERP V 5.0 via (Add Events) in the event name and description fields. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Enterprise Resource Planning
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

The Dealer Portal in SAP ERP does not properly restrict access, which allows remote attackers to obtain sensitive information, gain privileges, and possibly have other unspecified impact via unknown. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Enterprise Resource Planning
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy