Skip to content

Odevmo/Insecure_odoo_addon

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

7 Commits
insecure_addon
insecure_addon
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 

Repository files navigation

🚨 Insecure Addon (For Testing Only)

This Odoo module is intentionally insecure and must never be used in production.
It is designed exclusively for testing security scanners and audit tools in a safe, local development environment.

❗ Disclaimer

This module contains serious security vulnerabilities introduced on purpose.
DO NOT deploy this on any production or internet-facing instance.

By using this module, you agree that:

  • You are responsible for where and how you install it.
  • It is intended for educational and QA purposes only.
  • The authors and distributors are not liable for any misuse or consequences.

βœ… Included Vulnerabilities (for scanner coverage)

Vulnerability Type Description
Missing ACLs No ir.model.access.csv file
Permissive Record Rule Grants full access without domain
Unsafe SQL Manual SQL with string interpolation
Use of eval() With potentially unsanitized input
QWeb XSS Risk Uses t-raw with unescaped content

πŸ“¦ Installation

This module requires no dependencies beyond base. To install:

# Copy to your Odoo addons path
# Then upgrade or install manually:
./odoo-bin -u insecure_addon -d your_database

About

Insecure addon for security testing.

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages