CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-32011

Malicious code in bioql PyPI...

8.2CVSS6.6AI score0.00044EPSS

Exploits1References3

OSV•added 2025/10/01 3:15 p.m.•3 views

CVE-2025-52039

In Frappe ERPNext 15.57.5, the function getmaterialrequestsbasedonsupplier at erpnext/stock/doctype/materialrequest/materialrequest.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the txt parameter...

8.2CVSS7.3AI score

Exploits0References2

CVE•added 2025/10/01 12:0 a.m.•11 views

CVE-2025-52039

In Frappe ERPNext 15.57.5, the get_material_requests_based_on_supplier() function in erpnext/stock/doctype/material_request/material_request.py is vulnerable to SQL Injection via the txt parameter, enabling an attacker to extract data from the database. Root cause: unsafe SQL handling in the func...

8.2CVSS6.9AI score0.00044EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2025/10/01 12:0 a.m.•3 views

PT-2025-40243

Name of the Vulnerable Software and Affected Versions Frappe ERPNext version 15.57.5 Description The get material requests based on supplier function located at erpnext/stock/doctype/material request/material request.py is susceptible to SQL Injection. An attacker can inject a SQL query into the...

8.2CVSS7.3AI score0.00044EPSS

Exploits1References7