notrinos/NotrinosERP

GitHub

github.com

notrinos.com

Releases9

Frequency8 months 1 day

Last Release 11 days ago

Stars147

A web-based ERP, Accounting system that written in PHP and MySql includes CRM, Sales, Purchasing, Warehousing, Manufacturing, Payroll & Human Resource... It supports multi user, multi currencies, multi languages, multi level approval workflow.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-24788 ↗	Mar 23, 2023Thursday, 23 March 2023, 21:15	8.8 HIGH	—
NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php.
CVE-2022-2965 ↗	Aug 23, 2022Tuesday, 23 August 2022, 16:15	4.3 MEDIUM	—
Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7.
CVE-2022-2927 ↗	Aug 22, 2022Monday, 22 August 2022, 09:15	9.8 CRITICAL	—
Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7.
CVE-2022-2921 ↗	Aug 21, 2022Sunday, 21 August 2022, 04:15	8.8 HIGH	—
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update languages, install/activate extensions, install/activate themes and other permissive actions.
CVE-2022-2871 ↗	Aug 17, 2022Wednesday, 17 August 2022, 09:15	5.4 MEDIUM	—
Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7.