17 matches found
CVE-2025-13479
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...
CVE-2025-13479
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...
CVE-2025-13479 IDOR in PosCube's QR Menu
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...
CVE-2025-13479
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...
CVE-2025-13479
CVE-2025-13479 affects PosCube’s QR Menu. The issue is an authorization bypass via a user-controlled key, enabling exploitation of trusted identifiers. Affected as of QR Menu through 21052026. Root cause: authorization bypass vulnerability; impact aligns with CVSS: high confidentiality impact, ne...
CVE-2025-13479 IDOR in PosCube's QR Menu
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...
EUVD-2025-209908
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...
PosCube QR Menu 安全漏洞
PosCube QR Menu is a QR code electronic menu and ordering management system for the catering industry developed by the Turkish company PosCube. The versions of PosCube QR Menu dated back to May 21052026 and earlier contained a security vulnerability. This vulnerability stemmed from an authorizati...
PT-2026-42463
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers. This issue affects QR Menu: through 21052026. NOTE: The vendor was contacted early about this disclosure but did not respond in any w...
EUVD-2025-32108
Malicious code in bioql PyPI...
CVE-2025-0642
Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in PosCube Hardware Software and Consulting Ltd. Co. Assist allows Excavation, Authentication Bypass. This issue affects Assist: through 10.02.2025...
CVE-2025-0642
Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in PosCube Hardware Software and Consulting Ltd. Co. Assist allows Excavation, Authentication Bypass. This issue affects Assist: through 10.02.2025...
CVE-2025-0642
PosCube Assist (PosCube Hardware Software and Consulting Ltd. Co.) is affected up to version 10.02.2025. The issue combines hard-coded credentials with an authorization bypass via user‑controlled keys, enabling authentication bypass and potentially arbitrary access (described as exploitation/ Exc...
CVE-2025-0642 Hard-coded Credentials in PosCube's Assist
Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in PosCube Hardware Software and Consulting Ltd. Co. Assist allows Excavation, Authentication Bypass. This issue affects Assist: through 10.02.2025...
CVE-2025-0642 Hard-coded Credentials in PosCube's Assist
Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in PosCube Hardware Software and Consulting Ltd. Co. Assist allows Excavation, Authentication Bypass. This issue affects Assist: through 10.02.2025...
Poscube Assist 信任管理问题漏洞
Poscube Assist is a mobile reporting tool from Poscube Turkey. A trust management issue vulnerability exists in Poscube Assist version 10.02.2025 and earlier, which stems from bypassing authorization using hard-coded credentials and user control keys, which could lead to authentication bypass...
PT-2025-40342
Name of the Vulnerable Software and Affected Versions PosCube Assist versions through 10.02.2025 Description The software contains hard-coded credentials and allows authorization bypass through user-controlled keys, potentially enabling excavation and authentication bypass. Recommendations Update...