109 matches found
EUVD-2026-37952
Hashgraph Guardian through 3.5.0, fixed in commit ba8c566, contains a stored cross-site scripting vulnerability that allows authenticated users with the STANDARDREGISTRY role to inject malicious scripts by submitting a crafted companyName value via the branding configuration API endpoint. Attacke...
PT-2026-50797
Name of the Vulnerable Software and Affected Versions: Hashgraph Guardian versions prior to 3.5.0 commit ba8c566. Description: A stored cross-site scripting issue exists where authenticated users with the STANDARD REGISTRY role can inject malicious scripts. This occurs by submitting a crafted...
CVE-2026-23752
GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the template group creation and editing functionality that allows authenticated administrators to inject arbitrary JavaScript by manipulating the companyname POST parameter without HTML sanitization. Attackers can...
EUVD-2026-33623
A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function createsupplier of the file /Exportcsv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name causes csv injection...
CVE-2026-10248 SourceCodester Pharmacy Sales and Inventory System Supplier Creation export create_supplier csv injection
A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System up to 1.0. This issue affects the function createsupplier of the file /Exportcsv/export of the component Supplier Creation Interface. This manipulation of the argument Address/Company Name causes csv injection...
CVE-2026-10245
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is the function createsupplier of the file /ShowForm/createsupplier/main. Executing a manipulation of the argument companyname can lead to cross site scripting. The attack can be launched...
EUVD-2026-33618
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is the function createsupplier of the file /ShowForm/createsupplier/main. Executing a manipulation of the argument companyname can lead to cross site scripting. The attack can be launched...
CVE-2026-10245
Technical details about CVE-2026-10245 are not provided in the connected documents. The Initial Description includes exploit info, but no additional technical specifics beyond what is stated. Monitor for updates.
SourceCodester Pharmacy Sales and Inventory System Code Injection Vulnerability
SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a code injection vulnerability. This vulnerability stems from improper...
CVE-2025-41024
Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows: 'companyaddress', 'companyemail', 'companyname', 'country',...
PT-2026-3550
Name of the Vulnerable Software and Affected Versions: Poultry Farm Management System version 1.0. Description: A stored Cross-Site Scripting (XSS) issue exists due to insufficient validation of user-supplied data when a POST request is made. The following parameters in the '/farm/farmprofile.php'...
CVE-2025-68658 Open Source Point of Sale (opensourcepos) Stored XSS in Configuration (Information) – Company Name field
Open Source Point of Sale (opensourcepos) is a web-based point of sale application written in PHP using the CodeIgniter framework. opensourcepos 3.4.0 and 3.4.1 have a stored XSS vulnerability in the Configuration (Information) functionality. An authenticated user with the permission “Configuration...
CVE-2025-68658
CVE-2025-68658 affects Open Source Point of Sale (opensourcepos) 3.4.0–3.4.1. It is a stored XSS in the Configuration → Information workflow: an authenticated user with the permission “Configuration: Change OSPOS's Configuration” can inject JavaScript into the Company Name field; the payload is s...
PT-2026-2492
Name of the Vulnerable Software and Affected Versions: Open Source Point of Sale versions 3.4.0 through 3.4.1. Description: Open Source Point of Sale is a web-based point of sale application written in PHP using the CodeIgniter framework. A stored cross-site scripting (XSS) issue exists in the...
Open Source Point of Sale Cross-Site Scripting Vulnerability
Open Source Point of Sale is an open source web-based point of sale system from opensourcepos. A cross-site scripting vulnerability exists in Open Source Point of Sale versions 3.4.0 and 3.4.1, which stems from a stored cross-site script in the configuration function that could cause an...
How scammers use fake insurance texts to steal your identity
Sometimes it’s hard to understand how some scams work or why criminals would even try them on you. In this case it may have been a matter of timing. One of my co-workers received this one: “Insurance estimates for certain age ranges: 20-30 200 – 300/mo 31-40 270 – 450/mo 41-64 350 – 500/mo Please...
EUVD-2021-0499
Malware in sbrugna...
EUVD-2018-17456
Malware in sbrugna...