CVE-2023-24788

NotrinosERP vulnerable to SQL Injection in packagist/notrinos/notrinos-erp

Identifiers

GHSA-4pqp-69m3-f8pp, CVE-2023-24788

Package Slug

packagist/notrinos/notrinos-erp

Vulnerability

NotrinosERP vulnerable to SQL Injection

Description

RESERVED NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php.

Affected Versions

All versions up to 0.7

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-03-24

source