📦 Sentrifugo

by Sapplica

⚠️ Known Vulnerabilities

CVE-2024-29871

CRITICAL CVSS 9.8 Mar 21, 2024

This SQL injection vulnerability in Sentrifugo 3.2 allows remote attackers to execute arbitrary SQL commands through the 'id' parameter in specific endpoints. Successful exploitation could lead to com...

CVE-2024-29873

CRITICAL CVSS 9.8 Mar 21, 2024

This SQL injection vulnerability in Sentrifugo 3.2 allows remote attackers to execute arbitrary SQL queries through the 'bunitname' parameter in the business units report endpoint. Successful exploita...

CVE-2024-29875

CRITICAL CVSS 9.8 Mar 21, 2024

This is a critical SQL injection vulnerability in Sentrifugo 3.2 that allows remote attackers to execute arbitrary SQL queries through the 'sort_name' parameter. Successful exploitation could lead to ...

CVE-2024-29877

HIGH CVSS 7.1 Mar 21, 2024

This is a Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2 that allows attackers to inject malicious scripts via the 'expense_category_name' parameter in the expense categories edit page. Wh...

CVE-2024-29879

HIGH CVSS 7.1 Mar 21, 2024

This is a reflected Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2 that allows attackers to inject malicious scripts via the 'business_id' parameter. When exploited, it can steal user sess...