Menu
▾
▴
Re: [WebERP-developers] Fwd: Aw: Vulnerabilities in webERP
|
From: gilberto d. s. a. <gs...@gm...> - 2020-07-22 18:50:08
|
hi. reading and soon we return. thanks. -- gilberto dos santos alves +5511986465049 Em ter., 21 de jul. de 2020 às 22:39, Phil Daintree <ph...@lo...> escreveu: > Gents, > > This looks like it is sent as GET parameter but is not captured by our > session cleansing routine? > > Anyone any ideas? > > Phil > -------- Forwarded Message -------- > Subject: Aw: Vulnerabilities in webERP > Date: Sat, 18 Jul 2020 10:51:14 +0200 > From: Mario Riederer <Mar...@gm...> > To: Phil Daintree <ph...@lo...> > > > > Hello Phil, > thanks for your reply :) > I found 2 Cross Site Scripting and 2 SQL Injections in the software. > You can find an explanation of the vulnerabilities in the Attachment. > Please let me know if you need further help. > Best regards, > Mario > *Gesendet:* Samstag, 18. Juli 2020 um 07:22 Uhr > *Von:* "Phil Daintree" <ph...@lo...> > *An:* mar...@gm..., "in...@we..." <in...@we...> > *Betreff:* Vulnerabilities in webERP > Hi Mario, > > Further to your message to me at Logic Works ... if you could expand on > the vulnerabilities please so we can fix. > > Many thanks > > Phil > > -- > Phil Daintree > 0275 567890 > _______________________________________________ > Web-erp-developers mailing list > Web...@li... > https://lists.sourceforge.net/lists/listinfo/web-erp-developers > |
