CVE-2025-66923

A Cross-site scripting XSS vulnerability in Create/Update Customers in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the phonenumber parameter...

CVE-2025-4503

A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/customerupdate.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has bee...

CampCodes Sales and Inventory System 注入漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in CampCodes Sales and Inventory System version 1.0, which stems from SQL injection due to incorrect manipulation of the parameter ID in the file /pages/customerupdate.php...

Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses

Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System CPS that could be combined to achieve a full pre-authenticated remote code execution of affected systems. Kerbit security researcher Daniel Eshetu said the shortcomings, when chained together, can lead t...