3 matches found
EUVD-2025-31734
Malicious code in bioql PyPI...
CVE-2025-52043
In Frappe ERPNext v15.57.5, the function importcoa at erpnext/accounts/doctype/chartofaccountsimporter/chartofaccountsimporter.py is vulnerable to SQL injection, which allows an attacker to extract all information from databases by injecting a SQL query into the company parameter...
ERPNext 安全漏洞
ERPNext is an open source enterprise resource planning solution from ERPNext India. ERPNext suffers from a SQL injection vulnerability that stems from the lack of validation of the importcoa function's company parameter against externally entered SQL statements. An attacker can exploit this...