Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-36293: open source CRM, Process manager and extensions marketplace

SQL injection vulnerability in wmanager v.1.0.7 and before allows a remote attacker to obtain sensitive information via a crafted script to the company.php component.

CVE
Open in Source
#sql#vulnerability#web#php#postgres

**
Free and Open source CRM, process manager
and development framework**

WManager is a free and open source web application aimed to support companies business process automation.
WManager includes a fully featured "process manager" which can work with little configuration efforts plus a very scalable development framewotk. You can import extensions from third parties (either free or charged), create local (custom) extensions and/or develop new extensions to be published in the community repository. WManager is based on the simple PHP/Postgres stack. It uses a standard and readable SQL database structure and carries a well designed “general purpose” business data model that you can extend and customize according to your needs, plus a nice frontend template.

WManager Demo

user: [email protected] pw: password

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE