Vulnerabilities > Idurarapp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-04 | CVE-2024-47769 | Relative Path Traversal vulnerability in Idurarapp Idurar IDURAR is open source ERP CRM accounting invoicing software. | 7.5 |
2023-12-30 | CVE-2023-52265 | Cross-site Scripting vulnerability in Idurarapp Idurar 1.0.0/2.0.0/2.0.1 IDURAR (aka idurar-erp-crm) through 2.0.1 allows stored XSS via a PATCH request with a crafted JSON email template in the /api/email/update data. | 5.4 |
2023-05-16 | CVE-2023-27742 | SQL Injection vulnerability in Idurarapp Idurar 1.0.0 IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login. | 9.8 |