VYPR

Epicor Enterprise

by Epicor

CVEs (2)

  • CVE-2014-4311Nov 4, 2014
    risk 0.03cvss epss 0.06

    Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allows attackers to obtain the (1) Database Connection and (2) E-mail Connection passwords by reading HTML source code of the database connection and email settings page.

  • CVE-2014-4312Oct 10, 2014
    risk 0.03cvss epss 0.04

    Multiple cross-site scripting (XSS) vulnerabilities in Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allow remote attackers to inject arbitrary web script or HTML via the (1) Notes section to Order details; (2) Description section to "Order to consume"; (3) Favorites name…