7 matches found
CVE-2025-67289
An arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows attackers to execute arbitrary code via uploading a crafted XML file...
CVE-2025-67289
An arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows attackers to execute arbitrary code via uploading a crafted XML file...
CVE-2025-67289
An arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows attackers to execute arbitrary code via uploading a crafted XML file...
Frappe Framework 安全漏洞
Frappe Framework is a metadata-driven full-stack web application framework based on Python and JavaScript from Frappe India. A security vulnerability exists in the Attachments module of Frappe Framework v15.89.0, which stems from the fact that uploading a specially crafted XML file could lead to...
CVE-2025-67289
An arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows attackers to execute arbitrary code via uploading a crafted XML file...
PT-2025-52668
Name of the Vulnerable Software and Affected Versions Frappe Framework version 15.89.0 Description A flaw exists within the Attachments module that permits arbitrary file uploads. Successful exploitation, involving the upload of a specially crafted XML file, could lead to the execution of arbitra...
PT-2025-107: Insufficient authorization in FreeScout
The vulnerability was identified in FreeScout, version 1.8.182. The discovered vulnerability allows an attacker to bypass access‑control checks, gaining information or functionality beyond the user’s granted privileges. Vulnerability status: Confirmed by vendor Date of vulnerability remediation:...