8 matches found

Packet Storm
added 2026/04/13 12:0 a.m., 61 views

📄 FacturaScripts SQL Injection

FacturaScripts versions prior to 2025.81 suffer from a remote SQL injection vulnerability in the Autocomplete Actions functionality.

CVE-2026-25514: FacturaScripts has SQL Injection in Autocomplete Actions

Overview

| Field | Details |
|---|---|
| CVE ID | CVE-2026-25514 |
| Severity | HIGH |

...

CVSS 8.8, AI score 6.2, EPSS 0.00025
Exploits: 3
RedhatCVE
added 2026/02/06 1:25 a.m., 2 views

CVE-2026-25514

FacturaScripts is open-source enterprise resource planning and accounting software. Prior to version 2025.81, FacturaScripts contains a critical SQL injection vulnerability in the autocomplete functionality that allows authenticated attackers to extract sensitive data from the database including...

CVSS 8.8, AI score 5.5, EPSS 0.00025
Exploits: 3, References: 1
Vulnrichment
added 2026/02/04 7:59 p.m., 2 views

CVE-2026-25514 FacturaScripts has SQL Injection vulnerability in Autocomplete Actions

FacturaScripts is open-source enterprise resource planning and accounting software. Prior to version 2025.81, FacturaScripts contains a critical SQL injection vulnerability in the autocomplete functionality that allows authenticated attackers to extract sensitive data from the database including...

CVSS 8.7, AI score 5.6, EPSS 0.00025
Exploits: 3, References: 2
CVE
added 2026/02/04 7:59 p.m., 13 views

CVE-2026-25514

FacturaScripts (open-source ERP) contains a SQL injection in the autocomplete action via CodeModel::all() where user-controlled values are concatenated into SQL. Affected versions are prior to 2025.81; authenticated attackers can extract data including credentials, configuration, and business dat...

CVSS 8.8, AI score 5.6, EPSS 0.00025
Exploits: 3, References: 2, Affected Software: 1
EUVD
added 2026/02/04 7:59 p.m., 1 views

EUVD-2026-5360

FacturaScripts is open-source enterprise resource planning and accounting software. Prior to version 2025.81, FacturaScripts contains a critical SQL injection vulnerability in the autocomplete functionality that allows authenticated attackers to extract sensitive data from the database including...

CVSS 8.7, AI score 5.6, EPSS 0.00025
Exploits: 3, References: 2
Cvelist
added 2026/02/04 7:59 p.m., 23 views

CVE-2026-25514 FacturaScripts has SQL Injection vulnerability in Autocomplete Actions

FacturaScripts is open-source enterprise resource planning and accounting software. Prior to version 2025.81, FacturaScripts contains a critical SQL injection vulnerability in the autocomplete functionality that allows authenticated attackers to extract sensitive data from the database including...

CVSS 8.7, EPSS 0.00025
Exploits: 3, References: 2
Positive Technologies
added 2026/02/03 12:0 a.m., 1 views

PT-2026-6306

Name of the Vulnerable Software and Affected Versions: FacturaScripts versions prior to 2025.81. Description: FacturaScripts is enterprise resource planning and accounting software. Versions prior to 2025.81 contain a critical SQL injection issue in the autocomplete functionality. Authenticated...

CVSS 8.7, AI score 5.7, EPSS 0.00025
Exploits: 3, References: 14
Positive Technologies
added 2026/02/03 12:0 a.m., 2 views

PT-2026-6462

Summary: FacturaScripts contains a critical SQL Injection vulnerability in the autocomplete functionality that allows authenticated attackers to extract sensitive data from the database including user credentials, configuration settings, and all stored business data. The vulnerability exists in th...

CVSS 8.7, AI score 6.2, EPSS 0.00025
Exploits: 3, References: 5