Vulnerabilities > Ordat

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-12	CVE-2024-34334	SQL Injection vulnerability in Ordat Ordat.Erp ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function. network low complexity ordat CWE-89	7.5
2024-09-12	CVE-2024-34335	Cross-site Scripting vulnerability in Ordat Ordat.Erp ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page. network low complexity ordat CWE-79	6.1
2024-09-12	CVE-2024-34336	Information Exposure Through Discrepancy vulnerability in Ordat Ordat.Erp User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality. network low complexity ordat CWE-203	5.3

Vulnerabilities > Ordat {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ordat"}]}