23 matches found
CVE-2026-47068
creationtimestamp| type| source ---|---|--- 2026-05-20 15:28:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmc7sv2h5b2h...
CVE-2013-5627
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA. Notes: The posting will later have IDs assigned in accordance with CVE content decisions...
CVE-2025-14472
creationtimestamp| type| source ---|---|--- 2026-01-29 19:48:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdlkmnxu5y27...
CVE-2025-66440
An issue was discovered in Frappe ERPNext through 15.89.0. Function getoutstandingreferencedocuments at erpnext/accounts/doctype/paymententry/paymententry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the...
CVE-2025-66439
An issue was discovered in Frappe ERPNext through 15.89.0. Function getoutstandingreferencedocuments at erpnext.accounts.doctype.paymententry.paymententry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the...
EUVD-2025-203392
An issue was discovered in Frappe ERPNext through 15.89.0. Function getoutstandingreferencedocuments at erpnext.accounts.doctype.paymententry.paymententry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the...
EUVD-2025-203391
An issue was discovered in Frappe ERPNext through 15.89.0. Function getoutstandingreferencedocuments at erpnext/accounts/doctype/paymententry/paymententry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the...
CVE-2025-66440
An issue was discovered in Frappe ERPNext through 15.89.0. Function getoutstandingreferencedocuments at erpnext/accounts/doctype/paymententry/paymententry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the...
CVE-2025-66439
An issue was discovered in Frappe ERPNext through 15.89.0. Function getoutstandingreferencedocuments at erpnext.accounts.doctype.paymententry.paymententry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the...
CVE-2025-66439
An issue was discovered in Frappe ERPNext through 15.89.0. Function getoutstandingreferencedocuments at erpnext.accounts.doctype.paymententry.paymententry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the...
CVE-2025-66440
An issue was discovered in Frappe ERPNext through 15.89.0. Function getoutstandingreferencedocuments at erpnext/accounts/doctype/paymententry/paymententry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the...
PT-2025-51261
Name of the Vulnerable Software and Affected Versions Frappe ERPNext versions through 15.89.0 Description A SQL injection issue exists in Frappe ERPNext. The get outstanding reference documents function within the erpnext/accounts/doctype/payment entry/payment entry.py file is susceptible to...
CVE-2025-66439
An issue was discovered in Frappe ERPNext through 15.89.0. Function getoutstandingreferencedocuments at erpnext.accounts.doctype.paymententry.paymententry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the...
CVE-2025-66439
An issue was discovered in Frappe ERPNext through 15.89.0. Function getoutstandingreferencedocuments at erpnext.accounts.doctype.paymententry.paymententry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the...
CVE-2025-66440
An issue was discovered in Frappe ERPNext through 15.89.0. Function getoutstandingreferencedocuments at erpnext/accounts/doctype/paymententry/paymententry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the...
PT-2025-51260
Name of the Vulnerable Software and Affected Versions Frappe ERPNext versions through 15.89.0 Description An issue exists in Frappe ERPNext that allows an attacker to extract arbitrary data from the database. The get outstanding reference documents function, located at...
CVE-2025-66439
ERPNext through 15.89.0 is affected by an SQL Injection in get_outstanding_reference_documents() (erpnext.accounts.doctype.payment_entry.payment_entry.py) where from_posting_date is interpolated directly into the query. This allows an attacker to extract arbitrary data from the database. Connecte...
ERPNext 安全漏洞
ERPNext is an open source enterprise resource planning solution from ERPNext India. A security vulnerability exists in ERPNext 15.89.0 and earlier versions, which stems from improper handling of the frompostingdate parameter in the getoutstandingreferencedocuments function, which could lead to an...
CVE-2025-2856
creationtimestamp| type| source ---|---|--- 2025-07-06 01:24:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ltb4fy2iax2v...
CVE-2025-45388
creationtimestamp| type| source ---|---|--- 2025-05-07 19:22:18+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15384 2025-05-07 22:27:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lomgxujgzs2p 2025-05-07 23:12:15+00:00| seen|...