6 matches found
CVE-2026-44440
ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.101.1 and 16.10.0, an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability on an endpoint allows an authenticated adjacent attacker to read arbitrary files. This vulnerability is...
CVE-2026-44440
ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.101.1 and 16.10.0, an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability on an endpoint allows an authenticated adjacent attacker to read arbitrary files. This vulnerability is...
EUVD-2026-30193
ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.101.1 and 16.10.0, an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability on an endpoint allows an authenticated adjacent attacker to read arbitrary files. This vulnerability is...
CVE-2026-44440
ERPNext is affected by a path traversal vulnerability (CVE-2026-44440) in which an authenticated adjacent attacker can read arbitrary files due to improper limitation of a pathname to a restricted directory. The issue exists prior to versions 15.101.1 and 16.10.0 and is fixed in those releases. C...
PT-2026-40819
Name of the Vulnerable Software and Affected Versions ERPNext versions prior to 15.101.1 ERPNext versions prior to 16.10.0 Description An improper limitation of a pathname to a restricted directory, known as path traversal, allows an authenticated adjacent attacker to read arbitrary files via an...
ERPNext 路径遍历漏洞
ERPNext is a set of open-source enterprise resource planning solutions developed by the Indian company ERPNext. Versions prior to 15.101.1 and 16.10.0 of ERPNext contained a path traversal vulnerability. This vulnerability stems from a path traversal vulnerability in endpoints, which could allow...