Filter
-Infinity
0

Trending

Last week
Last month
Last year

ERPNextCSRF

Exploited
Trending
Week
First published (updated )
CVE-2025-28062

Frappe PressPress has a potential 2FA bypass

medium
6.5
First published (updated )
CVE-2024-50356

Frappe PressFrappe Press possible HTML injection through SaaS Signup inputs

low
1.2
EPSS
0.14%
First published (updated )
CVE-2024-49751

Frappe LMSFrappe vuilnerable to an open redirect on login page

medium
6.1
EPSS
0.04%
First published (updated )
CVE-2024-34074

Frappe LMSFrappe File Permissions can by bypassed using certain endpoints

high
8.1
EPSS
0.04%
First published (updated )
CVE-2024-27105

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Frappe LMSFrappe SQL Injection from reporting logic

high
7.5
First published (updated )
CVE-2024-24813

Frappe LMSFrappe Authenticated Reflected Cross site scripting (XSS) in portal pages

medium
5.4
EPSS
0.05%
First published (updated )
CVE-2024-24812

Frappe LMSFrappe vulnerable to HTML injection by any Desk user

medium
5.4
First published (updated )
CVE-2023-46127

Frappe LMSCross-site Scripting (XSS) - Generic in frappe/lms

high
7.1
EPSS
0.08%
First published (updated )
CVE-2023-5555

Frappe LMSFrappe LMS SQL Injection Issue on People Page

critical
9.8
First published (updated )
CVE-2023-42807

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Frappe LMSPossibility limited SQL injection due to insufficient validation in Frappe

high
7.5
First published (updated )
CVE-2023-41328

Frappe LMSPath Traversal

medium
6.5
First published (updated )
CVE-2022-41712

Frappe LMSFrappe Search navbar_search.html cross site scripting

medium
6.1
First published (updated )
CVE-2022-3988

ERPNextXSS

medium
6.1
First published (updated )
CVE-2022-28598

ERPNextERPNext - Stored XSS in My Settings

medium
5.4
First published (updated )
CVE-2022-23058

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

ERPNextERPNext - Stored XSS leads to account takover

medium
5.4
First published (updated )
CVE-2022-23056

ERPNextERPNext - Stored XSS in My Profile

medium
5.4
First published (updated )
CVE-2022-23057

ERPNextERPNext - Improper user access conrol

medium
5.5
First published (updated )
CVE-2022-23055

Frappe LMSFrappe Framework 12 and 13 does not properly validate the HTTP method for the frappe.client API.

medium
5.3
First published (updated )
CVE-2020-35175

Frappe LMSIn two-factor authentication, the system also sending 2fa secret key in response, which enables an i…

high
7.5
First published (updated )
CVE-2020-27508

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

ERPNextSQL Injection

high
8.8
First published (updated )
CVE-2020-6145

ERPNextXSS

high
7.4
First published (updated )
CVE-2019-20521

ERPNextXSS

high
7.4
First published (updated )
CVE-2019-20520

ERPNextXSS

high
7.4
First published (updated )
CVE-2019-20519

ERPNextXSS

high
7.4
First published (updated )
CVE-2019-20518

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

ERPNextXSS

high
7.4
First published (updated )
CVE-2019-20517

ERPNextXSS

high
7.4
First published (updated )
CVE-2019-20516

ERPNextXSS

high
7.4
First published (updated )
CVE-2019-20515

ERPNextXSS

high
7.4
First published (updated )
CVE-2019-20514

ERPNextXSS

medium
6.1
First published (updated )
CVE-2019-20511

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203