7 matches found

EUVD
added 2025/12/17 10:20 p.m., 5 views

EUVD-2025-204014

Open Source Point of Sale (opensourcepos) is a web-based point of sale application written in PHP using the CodeIgniter framework. Starting in version 3.4.0 and prior to version 3.4.2, a Cross-Site Request Forgery (CSRF) vulnerability exists in the application's filter configuration. The CSRF protection...

CVSS 8.8 | AI score 6.6 | EPSS 0.0017
Exploits: 3 | References: 4
OSV
added 2025/12/17 10:20 p.m., 6 views

CVE-2025-68434 opensourcepos has Cross-Site Request Forgery vulnerability that leads to Unauthorized Administrator Creation

Open Source Point of Sale (opensourcepos) is a web-based point of sale application written in PHP using the CodeIgniter framework. Starting in version 3.4.0 and prior to version 3.4.2, a Cross-Site Request Forgery (CSRF) vulnerability exists in the application's filter configuration. The CSRF protection...

CVSS 8.8 | AI score 7 | EPSS 0.0017
Exploits: 3 | References: 6
Cvelist
added 2025/12/17 10:16 p.m., 19 views

CVE-2025-68147 opensourcepos has a Cross-site Scripting vulnerability

Open Source Point of Sale (opensourcepos) is a web-based point of sale application written in PHP using the CodeIgniter framework. Starting in version 3.4.0 and prior to version 3.4.2, a Stored Cross-Site Scripting (XSS) vulnerability exists in the "Return Policy" configuration field. The application doe...

CVSS 8.1 | EPSS 0.00047
Exploits: 4 | References: 3
OSV
added 2025/09/17 6:26 p.m., 1 views

GHSA-C2F4-JGMC-Q2R5 REXML has DoS condition when parsing malformed XML file

Impact: The REXML gems from 3.3.3 to 3.4.1 have a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XML, you may be impacted by these vulnerabilities. Patches: REXML gems 3.4.2 or later include the patches to fix these vulnerabilities...

CVSS 5.1 | AI score 7.1 | EPSS 0.00084
Exploits: 0 | References: 6
Vulnrichment
added 2025/09/17 5:45 p.m., 1 views

CVE-2025-58767 REXML has a DoS condition when parsing malformed XML file

REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 have a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XML, you may be impacted by these vulnerabilities. The REXML gem 3.4.2 or later includes the patches to fix these...

CVSS 5.1 | AI score 6.8 | EPSS 0.00084
Exploits: 0 | References: 2
RubySec
added 2025/09/17 12:0 a.m., 5 views

REXML has DoS condition when parsing malformed XML file

Impact: The REXML gems from 3.3.3 to 3.4.1 have a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XML, you may be impacted by these vulnerabilities. Patches: REXML gems 3.4.2 or later include the patches to fix these vulnerabilities...

CVSS 5.3 | AI score 7.1 | EPSS 0.00084
Exploits: 0 | References: 1 | Affected Software: 1
OSV
added 2021/08/30 4:12 p.m., 0 views

GHSA-FG47-3C2X-M2WR TimelockController vulnerability in OpenZeppelin Contracts

Impact: A vulnerability in TimelockController allowed an actor with the executor role to take immediate control of the timelock, by resetting the delay to 0 and escalating privileges, thus gaining unrestricted access to assets held in the contract. Instances with the executor role set to "open"...

CVSS 10 | AI score 5.9 | EPSS 0.00443
Exploits: 0 | References: 5