4 matches found
EUVD-2025-32017
Malicious code in bioql PyPI...
CVE-2025-52041
In Frappe ERPNext 15.57.5, the function getstockbalancefor at erpnext/stock/doctype/stockreconciliation/stockreconciliation.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the inventorydimensionsdict parameter...
PT-2025-40245
Name of the Vulnerable Software and Affected Versions Frappe ERPNext version 15.57.5 Description The get stock balance for function located at erpnext/stock/doctype/stock reconciliation/stock reconciliation.py is susceptible to SQL Injection. An attacker can inject a SQL query through the invento...
CVE-2025-52041
In Frappe ERPNext 15.57.5, the function getstockbalancefor at erpnext/stock/doctype/stockreconciliation/stockreconciliation.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the inventorydimensionsdict parameter...