Lucene search
China National Vulnerability DatabaseCNVD-2024-11124HistoryJan 30, 2024 - 12:00 a.m.
Cups Easy cross-site scripting vulnerability (CNVD-2024-11124)
2024-01-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
cups easy
php
cross-site scripting
vulnerability
companymodify.php
authentication credentials
steal
Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability due to the companymodify.php script improperly validating user-supplied input. An attacker could use this vulnerability to steal the victimβs cookie-based authentication credentials.
Related
cve
cve
CVE-2024-23874
2024-01-26 10:15:10
cvelist
cvelist
CVE-2024-23874 Cross-Site Scripting (XSS) vulnerability in Cups Easy
2024-01-26 09:13:18
nvd
nvd
CVE-2024-23874
2024-01-26 10:15:10
prion
prion
Cross site scripting
2024-01-26 10:15:00