Lucene search
K

13 matches found

OSV
OSV
added 2024/02/02 10:15 a.m.4 views

CVE-2024-23895

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/locationcreate.php, in the locationid parameter. Exploitation of this vulnerabilit...

6.1CVSS5.8AI score0.00499EPSS
Exploits0References1
OSV
OSV
added 2024/01/26 10:15 a.m.6 views

CVE-2024-23888

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/stocktransactionslist.php, in the itemidy parameter. Exploitation of this...

6.1CVSS5.8AI score0.00398EPSS
Exploits0References1
OSV
OSV
added 2024/01/26 10:15 a.m.4 views

CVE-2024-23880

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/taxcodelist.php, in the description parameter. Exploitation of this vulnerability...

6.1CVSS5.8AI score0.00399EPSS
Exploits0References1
OSV
OSV
added 2024/01/26 10:15 a.m.3 views

CVE-2024-23881

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/statelist.php, in the description parameter. Exploitation of this vulnerability...

6.1CVSS6.3AI score0.00437EPSS
Exploits0References1
OSV
OSV
added 2024/01/26 10:15 a.m.3 views

CVE-2024-23872

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/locationmodify.php, in the description parameter. Exploitation of this vulnerabili...

6.1CVSS5.8AI score0.00399EPSS
Exploits0References1
OSV
OSV
added 2024/01/26 10:15 a.m.8 views

CVE-2024-23866

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/countrycreate.php, in the countryid parameter. Exploitation of this vulnerability...

6.1CVSS5.8AI score0.00399EPSS
Exploits0References1
OSV
OSV
added 2024/01/26 10:15 a.m.2 views

CVE-2024-23863

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/taxstructuredisplay.php, in the description parameter. Exploitation of this...

6.1CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2024/01/26 9:15 a.m.4 views

CVE-2024-23859

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/taxstructurelinecreate.php, in the flatamount parameter. Exploitation of this...

6.1CVSS5.8AI score0.00437EPSS
Exploits0References1
OSV
OSV
added 2024/01/26 9:15 a.m.3 views

CVE-2024-23857

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/grnlinecreate.php, in the batchno parameter. Exploitation of this vulnerability...

6.1CVSS5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.5 views

PT-2024-20160 · Cups Easy · Cups Easy

Name of the Vulnerable Software and Affected Versions: Cups Easy Purchase & Inventory version 1.0 Description: A vulnerability has been reported in Cups Easy Purchase & Inventory whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via...

8.2CVSS6.1AI score0.00437EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.6 views

PT-2024-20147 · Cups Easy · Cups Easy

Name of the Vulnerable Software and Affected Versions: Cups Easy Purchase & Inventory version 1.0 Description: A Cross-Site Scripting XSS issue has been reported due to insufficient encoding of user-controlled inputs. This can be exploited via the /cupseasylive/grnprint.php endpoint, specifically...

8.2CVSS6.2AI score0.00399EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.3 views

PT-2024-20150 · Cups Easy · Cups Easy

Name of the Vulnerable Software and Affected Versions: Cups Easy Purchase & Inventory version 1.0 Description: A Cross-Site Scripting XSS issue has been reported, resulting from insufficient encoding of user-controlled inputs. This can be exploited via the /cupseasylive/statelist.php endpoint,...

8.2CVSS6.2AI score0.00437EPSS
Exploits0References4
OSV
OSV
added 2020/01/28 11:15 p.m.3 views

CVE-2020-8425

Cups Easy Purchase & Inventory 1.0 is vulnerable to CSRF that leads to admin account deletion via userdelete.php...

6.5CVSS6.8AI score0.01233EPSS
Exploits5References2
Rows per page
Query Builder