Skip to main content

Ordat Erp

3 CVEs product

Monthly

CVE-2024-34336 MEDIUM POC This Month

User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ordat Erp
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2024-34335 MEDIUM POC This Month

ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ordat Erp
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-34334 HIGH POC This Week

ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ordat Erp
NVD
CVSS 3.1
7.5
EPSS
0.5%
EPSS 0% CVSS 5.3
MEDIUM POC This Month

User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ordat Erp
NVD
EPSS 0% CVSS 6.1
MEDIUM POC This Month

ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Ordat Erp
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ordat Erp
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy