| Vendor | Products | CVEs | KEV | Avg EPSS | Worst Severity |
|---|
| 1 | 4 | 0 | 40.4% | CRITICAL |
| CVE ID | Description | Severity | CVSS | KEV | EPSS | Published | |
|---|
| CVE-2025-29390 | jerryhanjj ERP 1.0 is vulnerable to SQL Injection in the set_password function in application/controllers/home.php. | HIGH | 8.8 | — | 29.2% | Apr 9, 2025 | |
| CVE-2024-42565 | ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/contact/delete?action=delete. | CRITICAL | 9.8 | — | 44.3% | Aug 20, 2024 | |
| CVE-2024-42564 | ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/inventory/delete?action=delete. | HIGH | 7.6 | — | 35.2% | Aug 20, 2024 | |
| CVE-2024-42563 | An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file. | CRITICAL | 9.8 | — | 52.8% | Aug 20, 2024 | |