CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1 matches found

CVE•added 2026/02/04 7:59 p.m.•14 views

CVE-2026-25514

FacturaScripts (open-source ERP) contains a SQL injection in the autocomplete action via CodeModel::all() where user-controlled values are concatenated into SQL. Affected versions are prior to 2025.81; authenticated attackers can extract data including credentials, configuration, and business dat...

8.8CVSS5.6AI score0.00029EPSS

Exploits3References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by