CVE-2020-28870 — CVSS 9.8 (critical): In InoERP 0.7.2, an unauthorized attacker can execute arbitrary code on the server side due to lack of validations in…
CVE-2019-25312 — CVSS 5.4 (medium): InoERP 0.7.2 contains a persistent cross-site scripting vulnerability in the comment section that allows unauthenticated attackers to…