ERPNext 安全漏洞

ERPNext is an open source enterprise resource planning solution from ERPNext India. A security vulnerability exists in ERPNext version 15.57.5, which stems from an unvalidated txt parameter that could lead to an SQL injection attack...

Frappe Technologies Frappe 安全漏洞

Frappe Technologies Frappe is a Python, Mariadb-based web development framework with integrated front-end pages from Frappe Technologies, India. A security vulnerability exists in Frappe Technologies Frappe version 15.57.5, which stems from unvalidated inputs in the blanketordertype parameter,...

ERPNext 安全漏洞

ERPNext is an open source enterprise resource planning solution from ERPNext India. ERPNext suffers from a SQL injection vulnerability that originates from the presence of SQL injection in the inventorydimensionsdict parameter, which can be exploited by an attacker to obtain database information...

ERPNext 安全漏洞

ERPNext is an open source enterprise resource planning solution from ERPNext India. ERPNext suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the filters.disabled parameter of the getincomeaccount function. An attacker can...

Frappe Technologies Frappe 安全漏洞

Frappe Technologies Frappe is a Python, Mariadb-based web development framework with integrated front-end pages from Frappe Technologies, India. A security vulnerability exists in Frappe Technologies Frappe version 15.57.5, which stems from insufficient validation of the expirydate parameter and...

ERPNext 安全漏洞

ERPNext is an open source enterprise resource planning solution from ERPNext India. A security vulnerability exists in ErpNext version v15.57.5, which stems from unvalidated timelog parameters and could lead to SQL injection attacks...