10 matches found
CVE-2025-61548
SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69. Unsanitized user input is incorporated directly into SQL queries without proper parameterizati...
CVE-2025-61546
There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible d...
CVE-2025-61548
SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69. Unsanitized user input is incorporated directly into SQL queries without proper parameterizati...
CVE-2025-61548
SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69. Unsanitized user input is incorporated directly into SQL queries without proper parameterizati...
CVE-2025-61546
There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible d...
edu Business Solutions Print Shop Pro WebDesk 安全漏洞
edu Business Solutions Print Shop Pro WebDesk is a print order management system from edu Business Solutions, USA. A security vulnerability exists in edu Business Solutions Print Shop Pro WebDesk version 18.34, which originates from an incorrect operation of the parameter hfInventoryDistFormID in...
CVE-2025-61548
SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69. Unsanitized user input is incorporated directly into SQL queries without proper parameterizati...
PT-2026-1829
Name of the Vulnerable Software and Affected Versions edu Business Solutions Print Shop Pro WebDesk versions 18.34 Description A SQL injection issue exists due to the improper handling of user-supplied data. Specifically, the hfInventoryDistFormID parameter within the...
PT-2026-1827
Name of the Vulnerable Software and Affected Versions edu Business Solutions Print Shop Pro WebDesk version 18.34 Description A flaw exists in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice API endpoint that allows a remote attacker to create financial discrepancies. This is possible by purchasi...
CVE-2025-61548
CVE-2025-61548 affects edu Business Solutions Print Shop Pro WebDesk 18.34. The hfInventoryDistFormID parameter in /PSP/appNET/Store/CartV12.aspx/GetUnitPrice is susceptible to SQL injection due to unsanitized input concatenated into queries. Impact is remote arbitrary SQL execution with high con...