Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/29 5:20 p.m.7 views

EUVD-2026-40167

ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control vulnerability in ErpSaleOrderController that allows attackers with erp:sale-out permissions to gain unauthorized access to sale order operations by exploiting an incorrect permission namespace enforcement...

8.6CVSS5.8AI score0.00294EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/02/12 5:4 p.m.14 views

CediPay Affected by Improper Input Validation in Payment Processing

A vulnerability in CediPay allows attackers to bypass input validation in the transaction API. Affected users: All deployments running versions prior to the patched release. Risk: Exploitation could result in unauthorized transactions, exposure of sensitive financial data, and compromise of payme...

8.8CVSS5.4AI score0.00268EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/18 10:37 p.m.5 views

CVE-2025-68112

ChurchCRM is an open-source church management system. In versions prior to 6.5.3, a SQL injection vulnerability in ChurchCRM's Event Attendee Editor allows authenticated users to execute arbitrary SQL commands, leading to complete database compromise, administrative credential theft, and potentia...

9.6CVSS8.1AI score0.00371EPSS
Exploits1References1
OSV
OSV
added 2021/09/14 12:15 p.m.2 views

CVE-2021-38164

SAP ERP Financial Accounting RFOPENPOSTINGFR versions - SAPAPPL - 600, 602, 603, 604, 605, 606, 616, SAPFIN - 617, 618, 700, 720, 730, SAPSCORE - 125, S4CORE, 100, 101, 102, 103, 104, 105, allows a registered attacker to invoke certain functions that would otherwise be restricted to specific user...

5.4CVSS6.3AI score
Exploits0References2
Rows per page
Query Builder