Vulnerabilities > Openbravo
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-28 | CVE-2019-14362 | Path Traversal vulnerability in Openbravo ERP 3.0 Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. | 5.5 |
2017-06-05 | CVE-2017-9437 | SQL Injection vulnerability in Openbravo ERP 3.0 Openbravo Business Suite 3.0 is affected by SQL injection. | 6.5 |
2013-11-02 | CVE-2013-3617 | Permissions, Privileges, and Access Controls vulnerability in Openbravo ERP 2.40/2.50/3.0 The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML document with an external entity declaration in conjunction with an entity reference to /ws/dal/ADUser or other /ws/dal/XXX interfaces, related to an XML External Entity (XXE) issue. | 3.5 |