NotrinosERP v0.7 was discovered to contain a SQL injection vulnerability via the OrderNumber parameter at /NotrinosERP/sales/customer_delivery.php.
https://github.com/notrinos/NotrinosERP
https://github.com/arvandy/CVE/blob/main/NotrinosERP/POC.md
https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.py
https://github.com/arvandy/CVE/blob/main/CVE-2023-24788/CVE-2023-24788.md
http://packetstormsecurity.com/files/171804/NotrinosERP-0.7-SQL-Injection.html