7 matches found
CVE-2026-41581
Frappe is a full-stack web application framework. Prior to versions 15.106.0 and 16.16.0, there is a possible SQL Injection via getbloglist. This issue has been patched in versions 15.106.0 and 16.16.0...
CVE-2026-41581
Frappe framework vulnerability CVE-2026-41581: a possible SQL injection via get_blog_list affects versions prior to 15.106.0 and 16.16.0. The issue has been patched in 15.106.0 and 16.16.0. CVSS 4.0 base score 6.9 (MEDIUM); attack vector NETWORK, authentication NONE required, no user interaction....
CVE-2026-41581 Frappe Vulnerable to Possible SQL Injection via get_blog_list
Frappe is a full-stack web application framework. Prior to versions 15.106.0 and 16.16.0, there is a possible SQL Injection via getbloglist. This issue has been patched in versions 15.106.0 and 16.16.0...
CVE-2026-41581 Frappe Vulnerable to Possible SQL Injection via get_blog_list
Frappe is a full-stack web application framework. Prior to versions 15.106.0 and 16.16.0, there is a possible SQL Injection via getbloglist. This issue has been patched in versions 15.106.0 and 16.16.0...
PT-2026-48877
Frappe is a full-stack web application framework. Prior to versions 15.106.0 and 16.16.0, there is a possible SQL Injection via get blog list. This issue has been patched in versions 15.106.0 and 16.16.0...
PT-2024-33251 · WordPress · Qi Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Qi Addons For Elementor plugin for WordPress versions up to, and including, 1.7.2 Description: The issue allows authenticated attackers with Contributor-level access and above to include remote files on the server, resulting in code execution...
CVE-2019-17535
Gila CMS through 1.11.4 allows blog-list.php XSS, in both the gila-blog and gila-mag themes, via the search parameter, a related issue to CVE-2019-9647...