CVE-2018-20061
Public Exploits: 0
Exploited in Wild: -
Decision: -
Descriptions
A SQL injection issue was discovered in ERPNext 10.x and 11.x through 11.0.3-beta.29. The attack requires a logged-in user; however, many ERPNext sites allow self-service account creation via the web, and no special privileges beyond an ordinary account are needed. By calling a client-side JavaScript function that invokes a server-side Python function with carefully chosen arguments, an attacker can carry out a SQL injection that allows queries to be constructed which return any columns from any tables in the database. This is related to /api/resource/Item?fields= URIs, frappe.get_list, and frappe.call.
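The mechanism the description points at, as an added example that is not ERPNext's or Frappe's code: a caller-controlled field list joined straight into a SELECT, reproduced against a constructed in-memory SQLite schema, next to a hardened variant that validates every requested field against the table's known columns before any SQL is built. The table and column names (tabItem, tabAuth, item_name, password) and the helper names are assumptions chosen to resemble the Frappe naming convention, not taken from the product.

```python
import re
import sqlite3

# Constructed stand-in for an ERP database: a table the API caller may read
# (items) and one it must not (credentials). Names are assumptions chosen to
# resemble the Frappe "tab<DocType>" convention, not the product's real schema.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE tabItem (name TEXT, item_name TEXT, standard_rate REAL);
        CREATE TABLE tabAuth (name TEXT, password TEXT);
        INSERT INTO tabItem VALUES ('ITEM-0001', 'Widget', 9.5);
        INSERT INTO tabAuth VALUES ('Administrator', '$pbkdf2-sha256$constructed-hash');
    """)
    return conn

# Columns a caller is allowed to request from tabItem (allowlist used by the fix).
ITEM_COLUMNS = frozenset({"name", "item_name", "standard_rate"})

def get_list_vulnerable(conn, fields):
    """The pattern the advisory describes: caller-supplied field names are
    joined straight into the SELECT list, so any SQL expression, including
    a subquery against an unrelated table, is executed as written."""
    sql = "SELECT {} FROM tabItem".format(", ".join(fields))
    return conn.execute(sql).fetchall()

_IDENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")

def get_list_hardened(conn, fields):
    """Hardened form: every requested field must be a bare identifier that is
    in the table's known column set; anything else is rejected before any SQL
    is built. Accepted names are identifier-quoted in the query."""
    for f in fields:
        if not _IDENT.match(f) or f not in ITEM_COLUMNS:
            raise ValueError("disallowed field: {!r}".format(f))
    quoted = ", ".join('"{}"'.format(f) for f in fields)
    sql = "SELECT {} FROM tabItem".format(quoted)
    return conn.execute(sql).fetchall()

def demo():
    """Run both variants against the same request and return what each did."""
    conn = build_db()
    # Constructed hostile field list: the second "field" is a scalar subquery
    # that pulls a column from a table the endpoint never meant to expose.
    hostile = ["name", "(SELECT password FROM tabAuth) AS item_name"]
    leaked = get_list_vulnerable(conn, hostile)[0][1]
    hardened_rows = get_list_hardened(conn, ["name", "item_name"])
    try:
        get_list_hardened(conn, hostile)
        rejected = False
    except ValueError:
        rejected = True
    return {"leaked": leaked, "hardened_rows": hardened_rows, "hardened_rejected": rejected}

if __name__ == "__main__":
    print(demo())
```

The vulnerable variant hands back the credentials-table value in the item_name position, which is exactly the "any column from any table" outcome the description gives; the hardened variant refuses the request before a query exists. The allowlist check is one reasonable fix shape and is not a claim about the patch ERPNext shipped; a reviewer auditing a list API should look for the same thing in every parameter that ends up in a SELECT, ORDER BY, or GROUP BY clause, not only fields=.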
CVSS Scores: none listed
SSVC Decision: -
Timeline
- 2018-12-11 CVE Reserved
- 2018-12-11 CVE Published
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
- Exploited in Wild: -
- KEV Due Date: -
- First Exploit: -
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC: none listed
References (1)
URL | Tag | Source
---|---|---
https://github.com/frappe/erpnext/issues/15337 | Third Party Advisory |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Frappe | Erpnext | >= 10.0.0 <= 10.1.76 | - | Affected
Frappe | Erpnext | >= 11.0.0 < 11.0.3 | - | Affected
Frappe | Erpnext | 11.0.3 | beta2, beta3, beta4, beta5, beta6, beta7, beta8, beta9, beta10, beta11, beta12, beta13, beta14, beta15, beta16, beta17, beta18, beta19, beta20, beta21, beta22, beta23, beta24, beta25, beta26, beta27, beta28, beta29 | Affected