25 matches found
CVE-2026-8803 opensourcepos Open Source Point of Sale Employee Login Employee.php login weak hash
A flaw has been found in opensourcepos Open Source Point of Sale up to 3.4.2. Impacted is the function Login of the file app/Models/Employee.php of the component Employee Login. This manipulation causes use of weak hash. Remote exploitation of the attack is possible. The attack is considered to...
EUVD-2026-30768
A flaw has been found in opensourcepos Open Source Point of Sale up to 3.4.2. Impacted is the function Login of the file app/Models/Employee.php of the component Employee Login. This manipulation causes use of weak hash. Remote exploitation of the attack is possible. The attack is considered to...
CVE-2026-8802
A vulnerability was detected in opensourcepos Open Source Point of Sale up to 3.4.2. This issue affects the function getPicThumb of the file app/Controllers/Items.php. The manipulation of the argument picfilename results in path traversal. The attack may be launched remotely. The patch is...
PT-2026-26544
Open Source Point of Sale is a web based point-of-sale application written in PHP using CodeIgniter framework. Versions contain an SQL Injection in the Items search functionality. When the custom attribute search feature is enabled search custom filter, user-supplied input from the search GET...
CVE-2025-66924
A Cross-site scripting XSS vulnerability in Create/Update Item Kits in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter...
CVE-2025-66921
A Cross-site scripting XSS vulnerability in Create/Update Items Module in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter...
CVE-2025-66924
A Cross-site scripting XSS vulnerability in Create/Update Item Kits in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML via the "name" parameter...
Open Source Point of Sale 安全漏洞
Open Source Point of Sale is an open source web-based point of sale system from opensourcepos. A security vulnerability exists in Open Source Point of Sale version v3.4.1, which stems from improper handling of the name parameter in the Create/Update Items module, which could lead to a cross-site...
CVE-2025-66921
CVE-2025-66921 describes a Cross-site scripting (XSS) vulnerability in the Open Source Point of Sale (OSPOS) v3.4.1, specifically in the Create/Update Item(s) Module. The issue arises from improper handling of the name parameter, allowing remote attackers to inject arbitrary web script or HTML. M...
EUVD-2015-0312
Malware in sbrugna...
EUVD-2022-37530
Malicious code in bioql PyPI...
CVE-2022-34578
Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page...
CVE-2022-34578
Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page...
Design/Logic Flaw
Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page...
CVE-2022-34578
Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page...
CVE-2022-34578
CVE-2022-34578 affects Open Source Point of Sale (OSPOS) v3.3.7. Reported as an arbitrary file upload vulnerability via the Update Branding Settings page; root cause not detailed in the provided sources beyond the upload flaw. No explicit exploit in the supplied documents; no patch version or wor...
CVE-2022-34578
Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page...
Open Source Point of Sale 代码问题漏洞
Open Source Point of Sale is a web-based point of sale system. A security vulnerability exists in Open Source Point of Sale version v3.3.7, which stems from an arbitrary file upload vulnerability discovered via the Update Branding Settings page...
PT-2022-22217 · Unknown · Open Source Point Of Sale
Name of the Vulnerable Software and Affected Versions: Open Source Point of Sale version 3.3.7 Description: The issue is related to an arbitrary file upload vulnerability. This vulnerability can be exploited via the Update Branding Settings page. Recommendations: For Open Source Point of Sale...
Open Source Point Of Sale Stored XSS
The Open Source Point of Sale POS application running on the remote web server is vulnerable to a Stored XSS vulnerability. - A Stored cross-site scripting XSS vulnerability exists due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker ca...