Dtro

**Name of the Vulnerable Software and Affected Versions** Frappe ERPNext version 15.57.5 **Description** The `get material requests based on supplier()` function located at `erpnext/stock/doctype/material request/material request.py` is susceptible to SQL Injection. An attacker can inject a SQL query into the `txt` parameter, potentially allowing extraction of all information from databases. **Recommendations** Apply a fix to the `get material requests based on supplier()` function at `erpnext/stock/doctype/material request/material request.py` to prevent SQL Injection attacks.

**Name of the Vulnerable Software and Affected Versions** Frappe ERPNext version 15.57.5 **Description** The `get rfq containing supplier()` function located at `erpnext/buying/doctype/request for quotation/request for quotation.py` is susceptible to SQL Injection. An attacker can inject a SQL query through the `txt` parameter, potentially allowing extraction of all information from databases. **Recommendations** Apply a fix that properly sanitizes the `txt` parameter used in the `get rfq containing supplier()` function.

**Name of the Vulnerable Software and Affected Versions** Frappe ERPNext version 15.57.5 **Description** The `get stock balance for()` function located at `erpnext/stock/doctype/stock reconciliation/stock reconciliation.py` is susceptible to SQL Injection. An attacker can inject a SQL query through the `inventory dimensions dict` parameter, potentially allowing extraction of all information from databases. **Recommendations** Apply a fix to the `get stock balance for()` function at `erpnext/stock/doctype/stock reconciliation/stock reconciliation.py` to prevent SQL Injection through the `inventory dimensions dict` parameter.

**Name of the Vulnerable Software and Affected Versions** Frappe ERPNext version 15.57.5 **Description** The function `get blanket orders()` at `erpnext/controllers/queries.py` is susceptible to SQL Injection. An attacker can potentially extract information from databases by injecting a SQL query into the `blanket order type` parameter. **Recommendations** Apply a fix for the SQL Injection issue in the `get blanket orders()` function at `erpnext/controllers/queries.py` in version 15.57.5.

**Name of the Vulnerable Software and Affected Versions** Frappe ERPNext version 15.57.5 **Description** The `import coa()` function located at `erpnext/accounts/doctype/chart of accounts importer/chart of accounts importer.py` is susceptible to SQL injection. An attacker can inject a SQL query through the `company` parameter, potentially allowing extraction of all data from databases. The vulnerable function is `import coa()`. **Recommendations** Apply a fix for Frappe ERPNext version 15.57.5 to address the SQL injection issue in the `import coa()` function.

**Name of the Vulnerable Software and Affected Versions** Frappe ErpNext version 15.57.5 **Description** The `get timesheet detail rate()` function located at `erpnext/projects/doctype/timesheet/timesheet.py` is susceptible to SQL Injection. This allows an attacker to extract information from databases by injecting SQL queries through the `timelog` parameter. **Recommendations** Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `get timesheet detail rate()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Frappe ERPNext version 15.57.5 **Description** The `get loyalty program details with points()` function located at `erpnext/accounts/doctype/loyalty program/loyalty program.py` is susceptible to SQL Injection. An attacker can inject a SQL query into the `expiry date` parameter, potentially allowing extraction of all information from databases. **Recommendations** Apply a fix to the `get loyalty program details with points()` function at `erpnext/accounts/doctype/loyalty program/loyalty program.py` to prevent SQL Injection attacks.

**Name of the Vulnerable Software and Affected Versions** Frappe ERPNext version 15.57.5 **Description** Frappe ERPNext version 15.57.5 contains a SQL injection issue in the `get stock balance()` function located at `erpnext/stock/utils.py`. An attacker can inject a SQL query into the `inventory dimensions dict` parameter, potentially allowing them to extract information from databases. **Recommendations** Update to version 15.57.6 or later.

**Name of the Vulnerable Software and Affected Versions** Totolink X6000R version V9.4.0cu.1360 B20241207 **Description** The device contains a command injection issue in the `sub 4184C0` function. An unauthenticated attacker can execute arbitrary commands by sending a crafted request through the `tz` parameter. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CraftCMS version 3.8.1 **Description** The issue allows a remote attacker to execute arbitrary code via a crafted script to the `Section` parameter. This enables the attacker to potentially gain control over the system, allowing for unauthorized actions. **Recommendations** For CraftCMS version 3.8.1, consider disabling access to the `Section` parameter until a patch is available. As a temporary workaround, restrict the ability to execute scripts via this parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SmartVista SVFE2 version 2.2.22 **Description** The issue is a SQL injection vulnerability. It can be exploited via the `UserForm:j id90` parameter at the "/SVFE2/pages/feegroups/mcc group.jsf" endpoint. **Recommendations** For SmartVista SVFE2 version 2.2.22, consider restricting access to the vulnerable endpoint "/SVFE2/pages/feegroups/mcc group.jsf" to minimize the risk of exploitation. Avoid using the `UserForm:j id90` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SmartVista SVFE2 version 2.2.22 **Description** A SQL injection issue was found in SmartVista SVFE2. The issue is related to the `UserForm:j id88`, `UserForm:j id90`, and `UserForm:j id92` parameters at the "/SVFE2/pages/feegroups/country group.jsf" endpoint. **Recommendations** For SmartVista SVFE2 version 2.2.22, as a temporary workaround, consider restricting access to the vulnerable parameters `UserForm:j id88`, `UserForm:j id90`, and `UserForm:j id92` in the "/SVFE2/pages/feegroups/country group.jsf" endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SmartVista SVFE2 version 2.2.22 **Description** A SQL injection issue was found in SmartVista SVFE2, specifically via the `voiceAudit:j id97` parameter at the "/SVFE2/pages/audit/voiceaudit.jsf" endpoint. This allows for potential exploitation. **Recommendations** For SmartVista SVFE2 version 2.2.22, consider restricting access to the `/SVFE2/pages/audit/voiceaudit.jsf` endpoint until a patch is available. As a temporary workaround, avoid using the `voiceAudit:j id97` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.