notrinos - Security Researcher - Exploit Intelligence Platform

CVE-2022-2871 WRITEUP MEDIUM WRITEUP

notrinos/notrinoserp <0.7 - XSS

Cross-site Scripting (XSS) - Stored in GitHub repository notrinos/notrinoserp prior to 0.7.

CVSS 5.4

View Code

CVE-2022-2921 WRITEUP HIGH WRITEUP

Notrinoserp < 0.7 - Privilege Escalation

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository notrinos/notrinoserp prior to v0.7. This results in privilege escalation to a system administrator account. An attacker can gain access to protected functionality such as create/update companies, install/update languages, install/activate extensions, install/activate themes and other permissive actions.

CVSS 8.8

View Code

CVE-2022-2927 WRITEUP CRITICAL WRITEUP

notrinos/notrinoserp <0.7 - Info Disclosure

Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7.

CVSS 9.8

View Code

CVE-2022-2965 WRITEUP MEDIUM WRITEUP

notrinos/notrinoserp <0.7 - Info Disclosure

Improper Restriction of Rendered UI Layers or Frames in GitHub repository notrinos/notrinoserp prior to 0.7.

CVSS 4.3

View Code