Skip to main content

Php Point Of Sale

10 CVEs product

Monthly

CVE-2022-40296 CRITICAL Act Now

The application was vulnerable to a Server-Side Request Forgery attacks, allowing the backend server to interact with unexpected endpoints, potentially including internal and local services, leading. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Php Point Of Sale
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-40295 MEDIUM This Month

The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Php Point Of Sale
NVD
CVSS 3.1
4.9
EPSS
0.4%
CVE-2022-40294 HIGH This Week

The application was identified to have an CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Php Point Of Sale
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-40293 CRITICAL Act Now

The application was vulnerable to a session fixation that could be used hijack accounts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Session Fixation Php Point Of Sale
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-40292 MEDIUM This Month

The application allowed for Unauthenticated User Enumeration by interacting with an unsecured endpoint to retrieve information on each account within the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Php Point Of Sale
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-40291 HIGH This Week

The application was vulnerable to Cross-Site Request Forgery (CSRF) attacks, allowing an attacker to coerce users into sending malicious requests to the site to delete their account, or in rare. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Php Point Of Sale
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2022-40290 MEDIUM This Month

The application was vulnerable to an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in the barcode generation functionality, allowing attackers to generate an unsafe link that. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Php Point Of Sale
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-40289 CRITICAL Act Now

The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the upload and download functionality, which could be leveraged to escalate privileges or compromise any. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Php Point Of Sale
NVD
CVSS 3.1
9.0
EPSS
0.6%
CVE-2022-40288 CRITICAL Act Now

The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the user profile data fields, which could be leveraged to escalate privileges within and compromise any account. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Php Point Of Sale
NVD
CVSS 3.1
9.0
EPSS
0.6%
CVE-2022-40287 CRITICAL Act Now

The application was found to be vulnerable to an authenticated Stored Cross-Site Scripting (XSS) vulnerability in messaging functionality, leading to privilege escalation or a compromise of a. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Privilege Escalation Php Point Of Sale
NVD
CVSS 3.1
9.0
EPSS
0.6%
EPSS 1% CVSS 9.8
CRITICAL Act Now

The application was vulnerable to a Server-Side Request Forgery attacks, allowing the backend server to interact with unexpected endpoints, potentially including internal and local services, leading. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Php Point Of Sale
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Php Point Of Sale
NVD
EPSS 1% CVSS 8.8
HIGH This Week

The application was identified to have an CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Php Point Of Sale
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The application was vulnerable to a session fixation that could be used hijack accounts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Session Fixation Php Point Of Sale
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

The application allowed for Unauthenticated User Enumeration by interacting with an unsecured endpoint to retrieve information on each account within the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Php Point Of Sale
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The application was vulnerable to Cross-Site Request Forgery (CSRF) attacks, allowing an attacker to coerce users into sending malicious requests to the site to delete their account, or in rare. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Php Point Of Sale
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

The application was vulnerable to an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in the barcode generation functionality, allowing attackers to generate an unsafe link that. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Php Point Of Sale
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the upload and download functionality, which could be leveraged to escalate privileges or compromise any. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Php Point Of Sale
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the user profile data fields, which could be leveraged to escalate privileges within and compromise any account. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Php Point Of Sale
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

The application was found to be vulnerable to an authenticated Stored Cross-Site Scripting (XSS) vulnerability in messaging functionality, leading to privilege escalation or a compromise of a. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Privilege Escalation Php Point Of Sale
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy