Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frappe erpnext vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-20516
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the blog/ URI.
Frappe Erpnext 11.1.47
383
VMScore
CVE-2019-20517
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the contact/ URI.
Frappe Erpnext 11.1.47
383
VMScore
CVE-2019-20518
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the project/ URI.
Frappe Erpnext 11.1.47
383
VMScore
CVE-2019-20519
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the user/ URI, as demonstrated by a crafted e-mail address.
Frappe Erpnext 11.1.47
383
VMScore
CVE-2019-20520
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/method/ URI.
Frappe Erpnext 11.1.47
383
VMScore
CVE-2019-20521
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/ URI.
Frappe Erpnext 11.1.47
435
VMScore
CVE-2018-11339
An XSS issue exists in Frappe ERPNext v11.x.x-develop b1036e5 via a comment.
Frappe Erpnext 11.x.x-develop B1036e5
1 EDB exploit
578
VMScore
CVE-2017-1000120
[ERPNext][Frappe Version <= 7.1.27] SQL injection vulnerability in frappe.share.get_users allows remote authenticated users to execute arbitrary SQL commands via the fields parameter.
Frappe Frappe
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2