3 matches found
EUVD-2025-32020
Malicious code in bioql PyPI...
CVE-2025-52040
In Frappe ERPNext 15.57.5, the function getblanketorders at erpnext/controllers/queries.py is vulnerable to SQL Injection, which allows an attacker can extract all information from databases by injecting a SQL query into the blanketordertype parameter...
CVE-2025-52040
In Frappe ERPNext 15.57.5, the function getblanketorders at erpnext/controllers/queries.py is vulnerable to SQL Injection, which allows an attacker can extract all information from databases by injecting a SQL query into the blanketordertype parameter...