Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-56381

ERPNEXT v15.67.0 was discovered to contain multiple SQL injection vulnerabilities in the /api/method/frappe.desk.reportview.get endpoint via the order_by and group_by parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.5%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2025-56381
  • Frappe » Erpnext » Version: 15.67.0
    cpe:2.3:a:frappe:erpnext:15.67.0
  • Frappe » Frappe » Version: 15.72.4
    cpe:2.3:a:frappe:frappe:15.72.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved