Skip to main content

Codekop

4 CVEs product

Monthly

CVE-2023-36347 HIGH POC THREAT This Week

A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Codekop
NVD
CVSS 3.1
7.5
EPSS
34.3%
CVE-2023-36348 HIGH POC This Week

POS Codekop v2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the filename parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Authentication Bypass Codekop
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
6.4%
CVE-2023-36346 MEDIUM POC This Month

POS Codekop v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the nm_member parameter at print.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Codekop
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
5.3%
CVE-2023-36345 HIGH POC This Week

A Cross-Site Request Forgery (CSRF) in POS Codekop v2.0 allows attackers to escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS CSRF Codekop
NVD
CVSS 3.1
8.8
EPSS
1.0%
EPSS 34% CVSS 7.5
HIGH POC THREAT This Week

A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Codekop
NVD
EPSS 6% CVSS 8.8
HIGH POC This Week

POS Codekop v2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the filename parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Authentication Bypass Codekop
NVD Exploit-DB
EPSS 5% CVSS 6.1
MEDIUM POC This Month

POS Codekop v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the nm_member parameter at print.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Codekop
NVD Exploit-DB
EPSS 1% CVSS 8.8
HIGH POC This Week

A Cross-Site Request Forgery (CSRF) in POS Codekop v2.0 allows attackers to escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS CSRF Codekop
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy