Filtered by vendor Idurar Project
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-52265 | 1 Idurar Project | 1 Idurar | 2024-01-11 | N/A | 5.4 MEDIUM |
| IDURAR (aka idurar-erp-crm) through 2.0.1 allows stored XSS via a PATCH request with a crafted JSON email template in the /api/email/update data. | |||||
| CVE-2023-27742 | 1 Idurar Project | 1 Idurar | 2023-05-25 | N/A | 9.8 CRITICAL |
| IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login. | |||||