Print Shop Pro Webdesk

6 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-26725 CRITICAL POC Act Now

Privilege escalation in Print Shop Pro WebDesk v.18.34 via AccessID parameter. PoC available.

Privilege Escalation Print Shop Pro Webdesk
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-61550 MEDIUM POC This Month

Cross-Site Scripting (XSS) is present on the ctl00_Content01_fieldValue parameters on the /psp/appNet/TemplateOrder/TemplatePreview.aspx endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.69). [CVSS 5.4 MEDIUM]

XSS Print Shop Pro Webdesk
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-61549 MEDIUM POC This Month

Cross-Site Scripting (XSS) is present on the LoginID parameter on the /PSP/app/web/reg/reg_display.asp endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.76). Unsanitized user input is reflected in HTTP responses without proper HTML encoding or escaping. [CVSS 6.1 MEDIUM]

XSS Print Shop Pro Webdesk
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-61548 CRITICAL POC Act Now

Print Shop Pro WebDesk 18.34 has SQL injection in the hfInventoryDistFormID parameter of GetUnitPrice. Combined with CVE-2025-61546 (negative quantities), this endpoint has two critical vulnerabilities. PoC available, fixed in 19.69.

SQLi Print Shop Pro Webdesk
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-61547 MEDIUM POC This Month

Print Shop Pro Webdesk versions up to 18.34 is affected by cross-site request forgery (csrf) (CVSS 6.8).

CSRF Print Shop Pro Webdesk
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-61546 CRITICAL POC Act Now

Print Shop Pro WebDesk 18.34 allows purchasing items with negative quantities, creating financial discrepancies. Attackers can generate credits or manipulate pricing through the GetUnitPrice endpoint. PoC available, fixed in 19.69.

Code Injection Print Shop Pro Webdesk
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-26725
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Privilege escalation in Print Shop Pro WebDesk v.18.34 via AccessID parameter. PoC available.

Privilege Escalation Print Shop Pro Webdesk
NVD GitHub
CVE-2025-61550
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Cross-Site Scripting (XSS) is present on the ctl00_Content01_fieldValue parameters on the /psp/appNet/TemplateOrder/TemplatePreview.aspx endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.69). [CVSS 5.4 MEDIUM]

XSS Print Shop Pro Webdesk
NVD GitHub
CVE-2025-61549
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Cross-Site Scripting (XSS) is present on the LoginID parameter on the /PSP/app/web/reg/reg_display.asp endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.76). Unsanitized user input is reflected in HTTP responses without proper HTML encoding or escaping. [CVSS 6.1 MEDIUM]

XSS Print Shop Pro Webdesk
NVD GitHub
CVE-2025-61548
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Print Shop Pro WebDesk 18.34 has SQL injection in the hfInventoryDistFormID parameter of GetUnitPrice. Combined with CVE-2025-61546 (negative quantities), this endpoint has two critical vulnerabilities. PoC available, fixed in 19.69.

SQLi Print Shop Pro Webdesk
NVD GitHub
CVE-2025-61547
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Print Shop Pro Webdesk versions up to 18.34 is affected by cross-site request forgery (csrf) (CVSS 6.8).

CSRF Print Shop Pro Webdesk
NVD GitHub
CVE-2025-61546
EPSS 0% CVSS 9.1
CRITICAL POC Act Now

Print Shop Pro WebDesk 18.34 allows purchasing items with negative quantities, creating financial discrepancies. Attackers can generate credits or manipulate pricing through the GetUnitPrice endpoint. PoC available, fixed in 19.69.

Code Injection Print Shop Pro Webdesk
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy