Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ordat\.erp
(Ordat)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-09-12 | CVE-2024-34336 | User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality. | Ordat\.erp | 5.3 | ||
| 2024-09-12 | CVE-2024-34334 | ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function. | Ordat\.erp | 7.5 | ||
| 2024-09-12 | CVE-2024-34335 | ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page. | Ordat\.erp | 6.1 |