VYPR

ERP Management Software

by NUS-M9

CVEs (4)

  • CVE-2024-44756CriNov 18, 2024
    risk 0.64cvss 9.8epss 0.00

    NUS-M9 ERP Management Software v3.0.0 was discovered to contain a SQL injection vulnerability via the usercode parameter at /UserWH/checkLogin.

  • CVE-2024-44758CriNov 15, 2024
    risk 0.64cvss 9.8epss 0.01

    An arbitrary file upload vulnerability in the component /Production/UploadFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to execute arbitrary code via uploading crafted files.

  • CVE-2024-44757HigNov 18, 2024
    risk 0.49cvss 7.5epss 0.00

    An arbitrary file download vulnerability in the component /Basics/DownloadInpFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request.

  • CVE-2024-44759HigNov 15, 2024
    risk 0.49cvss 7.5epss 0.00

    An arbitrary file download vulnerability in the component /Doc/DownloadFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request.