Lucene search
K

14 matches found

OSV
OSV
added 2024/01/26 11:15 a.m.4 views

CVE-2024-23896

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/stock.php, in the batchno parameter. Exploitation of this vulnerability could allo...

6.1CVSS6.3AI score0.00489EPSS
Exploits0References1
NVD
NVD
added 2024/01/26 11:15 a.m.24 views

CVE-2024-23894

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/stockissuancecreate.php, in the issuancedate parameter. Exploitation of this...

8.2CVSS7.2AI score0.00437EPSS
Exploits0References1
OSV
OSV
added 2024/01/26 11:15 a.m.3 views

CVE-2024-23891

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/itemcreate.php, in the itemid parameter. Exploitation of this vulnerability could...

6.1CVSS5.8AI score0.00437EPSS
Exploits0References1
OSV
OSV
added 2024/01/26 10:15 a.m.4 views

CVE-2024-23889

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/itemgroupcreate.php, in the itemgroupid parameter. Exploitation of this...

6.1CVSS5.8AI score0.00436EPSS
Exploits0References1
OSV
OSV
added 2024/01/26 10:15 a.m.3 views

CVE-2024-23876

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/taxstructurecreate.php, in the description parameter. Exploitation of this...

6.1CVSS5.8AI score0.00437EPSS
Exploits0References1
NVD
NVD
added 2024/01/26 10:15 a.m.18 views

CVE-2024-23871

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/unitofmeasurementmodify.php, in the description parameter. Exploitation of this...

8.2CVSS7.2AI score0.00437EPSS
Exploits0References1
NVD
NVD
added 2024/01/26 10:15 a.m.13 views

CVE-2024-23867

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/statecreate.php, in the stateid parameter. Exploitation of this vulnerability coul...

8.2CVSS7.2AI score0.00437EPSS
Exploits0References1
OSV
OSV
added 2024/01/26 10:15 a.m.8 views

CVE-2024-23866

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/countrycreate.php, in the countryid parameter. Exploitation of this vulnerability...

6.1CVSS5.8AI score0.00399EPSS
Exploits0References1
Prion
Prion
added 2024/01/26 10:15 a.m.24 views

Cross site scripting

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/stocktransactionslist.php, in the itemidy parameter. Exploitation of this...

5.8CVSS6AI score0.00398EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/26 9:13 a.m.21 views

CVE-2024-23876 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/taxstructurecreate.php, in the description parameter. Exploitation of this...

8.2CVSS7.2AI score0.00437EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/26 9:9 a.m.14 views

CVE-2024-23868 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/grnlist.php, in the deleted parameter. Exploitation of this vulnerability could...

8.2CVSS7.2AI score0.00399EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.7 views

PT-2024-20134 · Cups Easy · Cups Easy

Name of the Vulnerable Software and Affected Versions: Cups Easy Purchase & Inventory version 1.0 Description: A vulnerability has been reported in Cups Easy Purchase & Inventory whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via...

8.2CVSS6.1AI score0.00399EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.4 views

PT-2024-20142 · Cups Easy · Cups Easy

Name of the Vulnerable Software and Affected Versions: Cups Easy Purchase & Inventory version 1.0 Description: A vulnerability has been reported in Cups Easy Purchase & Inventory whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via...

8.2CVSS6.1AI score0.00437EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2020/01/29 12:0 a.m.141 views

Cups Easy 1.0 Cross Site Request Forgery

Title: Cups Easy 1.0 - Cross Site Request Forgery Password Reset Date: 2020-01-28 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/u/ajayshar76/profile/ Software Link: https://sourceforge.net/projects/cupseasy/files/cupseasylive-1.0/ Version: 1.0 Tested on Windows 10/Kali...

0.3AI score0.01548EPSS
Exploits6
Rows per page
Query Builder