VYPR

Packagist (Composer) package

notrinos/notrinos-erp

pkg:composer/notrinos/notrinos-erp

Vulnerabilities (4)

  • CVE-2023-24788HigMar 23, 2023
    affected <= 0.7

    NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php.

  • CVE-2022-2927CriAug 22, 2022
    affected < 0.7fixed 0.7

    Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7.

  • CVE-2022-2921HigAug 21, 2022
    affected < 0.7fixed 0.7

    Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companie

  • CVE-2022-2871MedAug 17, 2022
    affected <= 0.7

    Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7.