138 matches found
CVE-2020-37082
webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backuptimestamp.sql.gz file...
CVE-2020-37082
webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backuptimestamp.sql.gz file...
CVE-2020-37082 webERP 4.15.1 - Unauthenticated Backup File Access
webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backuptimestamp.sql.gz file...
CVE-2020-37082 webERP 4.15.1 - Unauthenticated Backup File Access
webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backuptimestamp.sql.gz file...
CVE-2020-37082
webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backuptimestamp.sql.gz file...
EUVD-2020-30993
webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backuptimestamp.sql.gz file...
CVE-2020-37082
Summary: CVE-2020-37082 affects webERP 4.15.1 and describes an unauthenticated backup file access flaw. Attackers can directly request and download generated backup files (Backup_[timestamp].sql.gz) from the companies/weberp/ directory without authentication, enabling remote file retrieval via ne...
PT-2026-5832
webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backup timestamp.sql.gz file...
webERP 安全漏洞
webERP is an open-source ERP system developed by Tim Schofield. It supports inventory management, permission role management, order management, and financial management. Version 4.15.1 of webERP contains a security vulnerability caused by an unverified file access flaw. Attackers can directly...
CVE-2019-7755
In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection...
EUVD-2018-11125
Malware in sbrugna...
EUVD-2018-11127
Malware in sbrugna...
EUVD-2018-12977
Malware in sbrugna...
EUVD-2018-11126
Malware in sbrugna...
EUVD-2020-15234
Malware in sbrugna...
EUVD-2019-17283
Malware in sbrugna...
EUVD-2025-8027
Malicious code in bioql PyPI...
EUVD-2025-15161
Malicious code in bioql PyPI...
EUVD-2025-15159
Malicious code in bioql PyPI...
CVE-2025-52130
File upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controllers/FactoryController.php controller. This flaw allows an authenticated attacker to upload arbitrary files, including PHP scripts, which can be accessed via direct GET requests, potentially resulting in remote code execution RC...