Lucene search
K

5 matches found

CNVD
CNVD
added 2025/10/09 12:0 a.m.4 views

ERPNext inventory_dimensions_dict parameter SQL injection vulnerability

ERPNext is an open source enterprise resource planning solution from ERPNext India. ERPNext suffers from a SQL injection vulnerability that originates from the presence of SQL injection in the inventorydimensionsdict parameter, which can be exploited by an attacker to obtain database information...

8.2CVSS8AI score0.00315EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-32017

Malicious code in bioql PyPI...

8.2CVSS6.6AI score0.00315EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/10/01 12:0 a.m.7 views

CVE-2025-52041

In Frappe ERPNext 15.57.5, the function getstockbalancefor at erpnext/stock/doctype/stockreconciliation/stockreconciliation.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the inventorydimensionsdict parameter...

0.00315EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/10/01 12:0 a.m.4 views

ERPNext 安全漏洞

ERPNext is an open source enterprise resource planning solution from ERPNext India. ERPNext suffers from a SQL injection vulnerability that originates from the presence of SQL injection in the inventorydimensionsdict parameter, which can be exploited by an attacker to obtain database information...

8.2CVSS7.6AI score0.00315EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/09/16 12:0 a.m.10 views

CVE-2025-52044

In Frappe ERPNext v15.57.5, the function getstockbalance at erpnext/stock/utils.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting SQL query into inventorydimensionsdict parameter...

0.00366EPSS
Exploits1References2
Rows per page
Query Builder