48 matches found
CVE-2023-36347
POS Codekop v2.0 is affected by a broken authentication flaw in the endpoint excel.php that allows unauthenticated access to download selling data. The issue stems from improper authentication/session handling, enabling an attacker to retrieve sensitive data without valid login. Impact is describ...
CVE-2023-36347
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data...
CVE-2023-36345
A Cross-Site Request Forgery CSRF in POS Codekop v2.0 allows attackers to escalate privileges...
CVE-2023-36346
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the nmmember parameter at print.php...
CVE-2023-36348
POS Codekop v2.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the filename parameter...
CVE-2023-36348
POS Codekop v2.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the filename parameter...
CVE-2023-36346
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the nmmember parameter at print.php...
CVE-2023-36345
A Cross-Site Request Forgery CSRF in POS Codekop v2.0 allows attackers to escalate privileges...
CVE-2023-36345
A Cross-Site Request Forgery CSRF in POS Codekop v2.0 allows attackers to escalate privileges...
CVE-2023-36348
POS Codekop v2.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the filename parameter...
Cross site request forgery (csrf)
A Cross-Site Request Forgery CSRF in POS Codekop v2.0 allows attackers to escalate privileges...
Cross site scripting
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the nmmember parameter at print.php...
CVE-2023-36348
POS Codekop v2.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the filename parameter...
EUVD-2023-40314
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the nmmember parameter at print.php...
CVE-2023-36345
A Cross-Site Request Forgery CSRF in POS Codekop v2.0 allows attackers to escalate privileges...
POS Codekop 跨站脚本漏洞
POS Codekop is an application. A security vulnerability exists in POS Codekop version 2.0, which stems from the presence of a cross-site request forgery CSRF vulnerability. An attacker can exploit the vulnerability to elevate privileges...
POS Codekop 跨站脚本漏洞
POS Codekop is an application. A security vulnerability exists in POS Codekop version 2.0, which stems from the parameter nmmember containing a Reflected Cross-Site Scripting XSS vulnerability...
POS Codekop 安全漏洞
POS Codekop is an application. A security vulnerability exists in POS Codekop version 2.0 that stems from the presence of a remote code execution RCE vulnerability...
CVE-2023-36346
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the nmmember parameter at print.php...
PT-2023-25542 · Unknown · Pos Codekop
Name of the Vulnerable Software and Affected Versions: POS Codekop version 2.0 Description: A Cross-Site Request Forgery CSRF issue allows attackers to escalate privileges. Recommendations: For POS Codekop version 2.0, consider implementing proper CSRF token validation to prevent unauthorized...