Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
odoo odoo vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2019-11786
Improper access control in Odoo Community 13.0 and previous versions and Odoo Enterprise 13.0 and previous versions, allows remote authenticated users to modify translated terms, which may lead to arbitrary content modification on translatable elements.
Odoo Odoo
NA
CVE-2021-44460
Improper access control in Odoo Community 13.0 and previous versions and Odoo Enterprise 13.0 and previous versions allows users with deactivated accounts to access the system with the deactivated account and any permission it still holds, via crafted RPC requests.
Odoo Odoo
NA
CVE-2021-44465
Improper access control in Odoo Community 13.0 and previous versions and Odoo Enterprise 13.0 and previous versions allows authenticated malicious users to subscribe to receive future notifications and comments related to arbitrary business records in the system, via crafted RPC ...
Odoo Odoo
NA
CVE-2021-44775
Cross-site scripting (XSS) issue in Website app of Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions, allows remote malicious users to inject arbitrary web script in the browser of a victim, by posting crafted contents.
Odoo Odoo
802
VMScore
CVE-2018-15640
Improper access control in the Helpdesk App of Odoo Enterprise 10.0 up to and including 12.0 allows remote authenticated malicious users to obtain elevated privileges via a crafted request.
Odoo Odoo
312
VMScore
CVE-2018-15641
Cross-site scripting (XSS) issue in web module in Odoo Community 11.0 up to and including 14.0 and Odoo Enterprise 11.0 up to and including 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attrib...
Odoo Odoo
NA
CVE-2021-44461
Cross-site scripting (XSS) issue in Accounting app of Odoo Enterprise 13.0 up to and including 15.0, allows remote attackers who are able to control the contents of accounting journal entries to inject arbitrary web script in the browser of a victim.
Odoo Odoo
NA
CVE-2021-44476
A sandboxing issue in Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions allows authenticated administrators to read local files on the server, including sensitive configuration files.
Odoo Odoo
NA
CVE-2021-44547
A sandboxing issue in Odoo Community 15.0 and Odoo Enterprise 15.0 allows authenticated administrators to executed arbitrary code, leading to privilege escalation.
Odoo Odoo
356
VMScore
CVE-2018-14868
Incorrect access control in the Password Encryption module in Odoo Community 9.0 and Odoo Enterprise 9.0 allows authenticated users to change the password of other users without knowing their current password via a crafted RPC call.
Odoo Odoo 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »