Inoideas Inoerp
3 CVEs affecting Inoideas Inoerp. Latest disclosed: 2026-02-11. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-28870 | Critical | 9.8 | 2021-02-10 | In InoERP 0.7.2, an unauthorized attacker can execute arbitrary code on the server side due to lack of validations in /modules/sys/form_personalization/json_fp… |
CVE-2019-16894 | Critical | 9.8 | 2019-09-26 | download.php in inoERP 4.15 allows SQL injection through insecure deserialization. |
CVE-2019-25312 | Medium | 5.4 | 2026-02-11 | InoERP 0.7.2 contains a persistent cross-site scripting vulnerability in the comment section that allows unauthenticated attackers to inject malicious scripts… |