Filtered by vendor Weberp
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-22474 | 1 Weberp | 1 Weberp | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| In webERP 4.15, the ManualContents.php file allows users to specify the "Language" parameter, which can lead to local file inclusion. | |||||
| CVE-2018-20420 | 1 Weberp | 1 Weberp | 2019-10-03 | 5.5 MEDIUM | 4.9 MEDIUM |
| In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access Control, leading to the overwrite of an existing .sql file on the target web site by creating a template and then using ../ directory traversal in the TemplateName parameter. | |||||