Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Frappe:
Security Vulnerabilities
CVE-2019-20514
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the address/ URI.
CVSS Score
7.4
EPSS Score
0.008
Published
2020-03-19
CVE-2019-20515
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the addresses/ URI.
CVSS Score
7.4
EPSS Score
0.008
Published
2020-03-19
CVE-2019-20516
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the blog/ URI.
CVSS Score
7.4
EPSS Score
0.008
Published
2020-03-19
CVE-2019-20517
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the contact/ URI.
CVSS Score
7.4
EPSS Score
0.008
Published
2020-03-19
CVE-2019-20518
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the project/ URI.
CVSS Score
7.4
EPSS Score
0.008
Published
2020-03-19
CVE-2019-20519
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the user/ URI, as demonstrated by a crafted e-mail address.
CVSS Score
7.4
EPSS Score
0.008
Published
2020-03-19
CVE-2019-20520
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/method/ URI.
CVSS Score
7.4
EPSS Score
0.008
Published
2020-03-19
CVE-2019-20521
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/ URI.
CVSS Score
7.4
EPSS Score
0.008
Published
2020-03-19
CVE-2019-20511
ERPNext 11.1.47 allows blog?blog_category= Frame Injection.
CVSS Score
4.7
EPSS Score
0.007
Published
2020-03-18
CVE-2019-20529
In core/doctype/prepared_report/prepared_report.py in Frappe 11 and 12, data files generated with Prepared Report were being stored as public files (no authentication is required to access; having a link is sufficient) instead of private files.
CVSS Score
7.5
EPSS Score
0.013
Published
2020-03-18
Prev
Next
Page 12
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved