Skip to main content

Notrinoserp

5 CVEs product

Monthly

CVE-2023-24788 PHP HIGH POC This Week

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Notrinoserp
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
3.1%
CVE-2022-2965 MEDIUM POC PATCH This Month

Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Notrinoserp
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%
CVE-2022-2927 PHP CRITICAL POC PATCH Act Now

Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Brute Force Notrinoserp
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-2921 PHP HIGH POC PATCH This Week

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Notrinoserp
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-2871 PHP MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Notrinoserp
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
EPSS 3% CVSS 8.8
HIGH POC This Week

NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Notrinoserp
NVD GitHub Exploit-DB
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Notrinoserp
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Brute Force Notrinoserp
NVD GitHub
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Notrinoserp
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Notrinoserp
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy