ERPNext 安全漏洞

ERPNext is a set of open-source enterprise resource planning solutions developed by the Indian company ERPNext. Version 16.16.0 of ERPNext contains a security vulnerability. This vulnerability allows authenticated users to persist arbitrary HTML/JavaScript in customer records’ email or mobile...

PT-2026-46044

Name of the Vulnerable Software and Affected Versions ERPNext version 16.16.0 Description An authenticated user can persist arbitrary HTML or JavaScript within the email id or mobile no fields of a Customer record. This leads to unescaped rendering in the Point of Sale POS interface for any...

EUVD-2017-2060

Malware in sbrugna...

EUVD-2019-12125

Malware in sbrugna...

EUVD-2021-22206

Malware in sbrugna...

EUVD-2023-26019

Malicious code in bioql PyPI...

EUVD-2025-21535

Malicious code in bioql PyPI...

Oracle E-Business Suite (July 2025 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2025 CPU advisory. - Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Preferences. Supported versions that are...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2025-24081)

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Mobile Field Service for Oracle...

CVE-2025-30744

Vulnerability in the Oracle Mobile Field Service product of Oracle E-Business Suite component: Multiplatform Sync Errors. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Mobi...

The vulnerability of the Multiplatform Sync Errors component of the Oracle Mobile Field Service management platform, a system for automating business operations within the Oracle E-Business Suite. This component allows attackers to gain access to read, modify, and delete information.

The vulnerability of the Multiplatform Sync Errors component in the Oracle Mobile Field Service management platform, part of the Oracle E-Business Suite enterprise automation system, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to...

CVE-2025-30744

Vulnerability in the Oracle Mobile Field Service product of Oracle E-Business Suite component: Multiplatform Sync Errors. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Mobi...

CVE-2025-30744

Vulnerability in the Oracle Mobile Field Service product of Oracle E-Business Suite component: Multiplatform Sync Errors. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Mobi...

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a fully integrated set of global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Mobile Field Service for Oracle...

PT-2025-29596

Name of the Vulnerable Software and Affected Versions Oracle Mobile Field Service versions 12.2.3 through 12.2.13 Description An easily exploitable issue exists in the Oracle Mobile Field Service product of Oracle E-Business Suite component: Multiplatform Sync Errors. A low-privileged attacker wi...

CVE-2025-44183

Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting XSS in /admin/profile.php via the name, email, and mobile parameters...

CVE-2021-35570

Vulnerability in the Oracle Mobile Field Service product of Oracle E-Business Suite component: Admin UI. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

PT-2024-38507 · Sourcecodester · Sourcecodester Kortex Lite Advocate Office Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Kortex Lite Advocate Office Management System version 1.0 Description: A problematic issue has been found in the file adds.php, where the manipulation of the argument name, dob, email, mobile, or address leads to cross-site...

AC Repair and Services System Cross-Site Scripting Vulnerability

AC Repair and Services System is an air conditioning repair and services system by the individual developer Carlo Montero. A cross-site scripting vulnerability exists in AC Repair and Services System version 1.0, which stems from a cross-site scripting XSS vulnerability in the parameters...

The vulnerability of the Synchronization sub-component of the Oracle Mobile Field Service component in the Oracle E-Business Suite system allows a perpetrator to gain access to modify, add, or delete protected data.

The vulnerability of the Synchronization sub-component of the Oracle Mobile Field Service component in the Oracle E-Business Suite enterprise automation system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker who operates remotely to modify,...