Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.10 views

PT-2026-1347

Name of the Vulnerable Software and Affected Versions Frappe versions 14.99.5 and below and 15.0.0 through 15.80.1 Description Frappe, a full-stack web application framework, contains a path traversal issue in certain requests. Insufficient input sanitization allows the potential retrieval of...

7.5CVSS6.8AI score0.00361EPSS
Exploits0References7
CVE
CVE
added 2025/12/29 3:10 p.m.15 views

CVE-2025-68929

Frappe (a full‑stack web application framework) is affected in versions before 14.99.6 and 15.88.1. An authenticated user with specific permissions could be tricked into visiting a specially crafted link, causing a malicious template to run on the server and leading to remote code execution. The ...

9CVSS7.4AI score0.00419EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/10/05 12:0 a.m.4 views

Frappe Technologies Frappe 安全漏洞

Frappe Technologies Frappe is a Python, Mariadb-based web development framework with integrated front-end pages from Frappe Technologies, India. A security vulnerability exists in Frappe Technologies Frappe versions 2.34.x and 2.35.0, which stems from an incomplete fix for CVE-2025-55006 and coul...

8.8CVSS3.6AI score0.00361EPSS
Exploits1References5
CVE
CVE
added 2025/03/25 2:55 p.m.78 views

CVE-2025-30213

CVE-2025-30213 affects the Frappe full-stack web application framework. Prior to versions 14.91.0 and 15.52.0, a system user could create documents in a specific way that could lead to remote code execution (RCE). The issue is mitigated only by upgrading to the patched releases. Versions 14.9.1 a...

8.8CVSS7.9AI score0.00669EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/20 12:0 a.m.5 views

PT-2024-20581 · Frappe · Frappe

Name of the Vulnerable Software and Affected Versions: Frappe versions prior to 14.64.0 and 15.0.0 Description: The issue is related to SQL injection from a particular whitelisted method, which can result in access to data that the user does not have permission to access. There are no known...

7.5CVSS7.2AI score0.00646EPSS
Exploits0References6
Rows per page
Query Builder