Lucene search

17 matches found

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-31737

Malicious code in bioql PyPI...

6.5 CVSS, 6.6 AI score, 0.0025 EPSS
Exploits: 1, References: 3

RedhatCVE
added 2025/10/01 12:42 a.m., 13 views

CVE-2025-52049

In Frappe ErpNext v15.57.5, the function gettimesheetdetailrate at erpnext/projects/doctype/timesheet/timesheet.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting SQL query into the timelog parameter...

6.5 CVSS, 7.3 AI score, 0.0025 EPSS
Exploits: 1, References: 1

OSV
added 2025/09/30 2:15 p.m., 6 views

CVE-2025-52049

In Frappe ErpNext v15.57.5, the function gettimesheetdetailrate at erpnext/projects/doctype/timesheet/timesheet.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting SQL query into the timelog parameter...

6.5 CVSS, 7.4 AI score
Exploits: 0, References: 2

NVD
added 2025/09/30 2:15 p.m., 4 views

CVE-2025-52049

In Frappe ErpNext v15.57.5, the function gettimesheetdetailrate at erpnext/projects/doctype/timesheet/timesheet.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting SQL query into the timelog parameter...

6.5 CVSS, 0.0025 EPSS
Exploits: 1, References: 2

Cvelist
added 2025/09/30 12:0 a.m., 9 views

CVE-2025-52049

In Frappe ErpNext v15.57.5, the function gettimesheetdetailrate at erpnext/projects/doctype/timesheet/timesheet.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting SQL query into the timelog parameter...

0.0025 EPSS
Exploits: 1, References: 2

Positive Technologies
added 2025/09/30 12:0 a.m., 5 views

PT-2025-39991

Name of the Vulnerable Software and Affected Versions Frappe ErpNext version 15.57.5 Description The get timesheet detail rate function located at erpnext/projects/doctype/timesheet/timesheet.py is susceptible to SQL Injection. This allows an attacker to extract information from databases by...

6.5 CVSS, 7 AI score, 0.0025 EPSS
Exploits: 1, References: 7

Vulnrichment
added 2025/09/30 12:0 a.m., 5 views

CVE-2025-52049

In Frappe ErpNext v15.57.5, the function gettimesheetdetailrate at erpnext/projects/doctype/timesheet/timesheet.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting SQL query into the timelog parameter...

6.9 AI score, 0.0025 EPSS
Exploits: 1, References: 2

CNNVD
added 2025/09/30 12:0 a.m., 2 views

ERPNext Security Vulnerability

ERPNext is an open source enterprise resource planning solution from ERPNext India. A security vulnerability exists in ErpNext version v15.57.5, which stems from unvalidated timelog parameters and could lead to SQL injection attacks...

6.5 CVSS, 7.7 AI score, 0.0025 EPSS
Exploits: 1, References: 2

CVE
added 2025/09/30 12:0 a.m., 15 views

CVE-2025-52049

In Frappe ErpNext v15.57.5, the function get_timesheet_detail_rate() in erpnext/projects/doctype/timesheet/timesheet.py is vulnerable to SQL Injection via the timelog parameter, enabling an attacker to extract data from the database. Affected component: ERPNext/Frappé Timesheet code path. Root ca...

6.5 CVSS, 6.9 AI score, 0.0025 EPSS
Exploits: 1, References: 2, Affected Software: 1

Tenable Nessus
added 2025/08/30 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2017-15570

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/timelog/list.html.erb via crafted column data. CVE-2017-15570 Note...

6.1 CVSS, 6.6 AI score, 0.01227 EPSS
Exploits: 0, References: 2

SUSE CVE
added 2023/02/15 4:38 a.m., 6 views

SUSE CVE-2017-15570

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/timelog/list.html.erb via crafted column data...

6.1 CVSS, 6.4 AI score, 0.01227 EPSS
Exploits: 0, References: 3

CNVD
added 2017/10/27 12:0 a.m., 3 views

Redmine cross-site scripting vulnerability (CNVD-2017-31958)

Redmine is a set of open source Web-based project management and defect tracking tools. The tool provides project management, issue tracking and role-based access control and other features. A cross-site scripting vulnerability exists in the app/views/timelog/list.html.erb file in Redmine...

6.1 CVSS, 6 AI score, 0.01227 EPSS
Exploits: 0, References: 1

UbuntuCve
added 2017/10/18 2:29 a.m., 17 views

CVE-2017-15570

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/timelog/list.html.erb via crafted column data...

6.1 CVSS, 6.7 AI score, 0.01227 EPSS
Exploits: 0, References: 5

OSV
added 2017/10/18 2:29 a.m., 10 views

CVE-2017-15570

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/timelog/list.html.erb via crafted column data...

6.1 CVSS, 6.2 AI score
Exploits: 0, References: 4

OSV
added 2017/10/18 2:29 a.m., 4 views

UBUNTU-CVE-2017-15570

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/timelog/list.html.erb via crafted column data...

6.1 CVSS, 6.7 AI score, 0.01227 EPSS
Exploits: 0, References: 5

OSV
added 2017/10/18 2:29 a.m., 2 views

DEBIAN-CVE-2017-15570

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/timelog/list.html.erb via crafted column data...

6.1 CVSS, 6.5 AI score, 0.01227 EPSS
Exploits: 0, References: 1

CNVD
added 2016/04/14 12:0 a.m., 3 views

Redmine Information Disclosure Vulnerability

Redmine is a set of open source Web-based project management and defect tracking tools. The tool provides project management, issue tracking and role-based access control and other features. An information acquisition vulnerability exists in the app/views/timelog/form.html.erb file in Redmine....

5.3 CVSS, 6.6 AI score, 0.01931 EPSS
Exploits: 0, References: 1