10 matches found
CVE-2025-61548
SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69. Unsanitized user input is incorporated directly into SQL queries without proper parameterizati...
CVE-2025-61546
There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible d...
CVE-2025-61548
SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69. Unsanitized user input is incorporated directly into SQL queries without proper parameterizati...
CVE-2025-61548
SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69. Unsanitized user input is incorporated directly into SQL queries without proper parameterizati...
CVE-2025-61546
There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible d...
CVE-2025-61548
CVE-2025-61548 affects edu Business Solutions Print Shop Pro WebDesk 18.34. The hfInventoryDistFormID parameter in /PSP/appNET/Store/CartV12.aspx/GetUnitPrice is susceptible to SQL injection due to unsanitized input concatenated into queries. Impact is remote arbitrary SQL execution with high con...
edu Business Solutions Print Shop Pro WebDesk 安全漏洞
edu Business Solutions Print Shop Pro WebDesk is a print order management system from edu Business Solutions, USA. A security vulnerability exists in edu Business Solutions Print Shop Pro WebDesk version 18.34, which originates from an incorrect operation of the parameter hfInventoryDistFormID in...
PT-2026-1829
Name of the Vulnerable Software and Affected Versions edu Business Solutions Print Shop Pro WebDesk versions 18.34 Description A SQL injection issue exists due to the improper handling of user-supplied data. Specifically, the hfInventoryDistFormID parameter within the...
CVE-2025-61548
SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 fixed in 19.69. Unsanitized user input is incorporated directly into SQL queries without proper parameterizati...
PT-2026-1827
Name of the Vulnerable Software and Affected Versions edu Business Solutions Print Shop Pro WebDesk version 18.34 Description A flaw exists in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice API endpoint that allows a remote attacker to create financial discrepancies. This is possible by purchasi...