Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-28870 | 1 Inoideas | 1 Inoerp | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In InoERP 0.7.2, an unauthorized attacker can execute arbitrary code on the server side due to lack of validations in /modules/sys/form_personalization/json_fp.php. | |||||
| CVE-2019-16894 | 1 Inoideas | 1 Inoerp | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| download.php in inoERP 4.15 allows SQL injection through insecure deserialization. | |||||