Vulnerabilities > Idurarapp

DATE CVE VULNERABILITY TITLE RISK
2024-10-04 CVE-2024-47769 Relative Path Traversal vulnerability in Idurarapp Idurar
IDURAR is open source ERP CRM accounting invoicing software.
network
low complexity
idurarapp CWE-23
7.5
2023-12-30 CVE-2023-52265 Cross-site Scripting vulnerability in Idurarapp Idurar 1.0.0/2.0.0/2.0.1
IDURAR (aka idurar-erp-crm) through 2.0.1 allows stored XSS via a PATCH request with a crafted JSON email template in the /api/email/update data.
network
low complexity
idurarapp CWE-79
5.4
2023-05-16 CVE-2023-27742 SQL Injection vulnerability in Idurarapp Idurar 1.0.0
IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login.
network
low complexity
idurarapp CWE-89
critical
9.8