Lucene search
K

4 matches found

OSV
OSV
added 2024/01/26 10:15 a.m.3 views

CVE-2024-23871

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/unitofmeasurementmodify.php, in the description parameter. Exploitation of this...

6.1CVSS5.8AI score0.00437EPSS
Exploits0References1
OSV
OSV
added 2024/01/26 9:15 a.m.4 views

CVE-2024-23861

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/unitofmeasurementcreate.php, in the unitofmeasurementid parameter. Exploitation of...

6.1CVSS5.8AI score0.00437EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/26 12:0 a.m.4 views

Cups Easy Cross-Site Scripting Vulnerability

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. A cross-site scripting vulnerability exists in Cups Easy version 1.0, which stems from insufficient escaping of the description parameter on the /cupseasylive/unitofmeasurementmodify.php...

8.2CVSS6.2AI score0.00437EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.5 views

PT-2024-20140 · Cups Easy · Cups Easy

Name of the Vulnerable Software and Affected Versions: Cups Easy Purchase & Inventory version 1.0 Description: A vulnerability has been reported in Cups Easy Purchase & Inventory whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via...

8.2CVSS6AI score0.00437EPSS
Exploits0References5
Rows per page
Query Builder