Openbravo Openbravo_erp
2 CVEs affecting Openbravo Openbravo_erp. Latest disclosed: 2017-06-05. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-9437 | High | 8.8 | 2017-06-05 | Openbravo Business Suite 3.0 is affected by SQL injection. This vulnerability could allow remote authenticated attackers to inject arbitrary SQL code. |
CVE-2013-3617 | | 2013-11-02 | The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML document with an external entity declar… |