21 matches found
EUVD-2022-37530
Malicious code in bioql PyPI...
EUVD-2022-6429
Malicious code in bioql PyPI...
CVE-2022-34578
Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page...
CVE-2022-34578
Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page...
CVE-2022-34578
Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page...
CVE-2022-34578
Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page...
Design/Logic Flaw
Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page...
CVE-2022-34578
CVE-2022-34578 affects Open Source Point of Sale (OSPOS) v3.3.7. Reported as an arbitrary file upload vulnerability via the Update Branding Settings page; root cause not detailed in the provided sources beyond the upload flaw. No explicit exploit in the supplied documents; no patch version or wor...
CVE-2022-34578
Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page...
Open Source Point of Sale code issue vulnerability
Open Source Point of Sale is a web-based point of sale system. A security vulnerability exists in Open Source Point of Sale version v3.3.7, which stems from an arbitrary file upload vulnerability discovered via the Update Branding Settings page...
PT-2022-22217 · Unknown · Open Source Point Of Sale
Name of the Vulnerable Software and Affected Versions: Open Source Point of Sale version 3.3.7 Description: The issue is related to an arbitrary file upload vulnerability. This vulnerability can be exploited via the Update Branding Settings page. Recommendations: For Open Source Point of Sale...
Snipe-IT 6.0.2 vulnerable to Cross-site Scripting via arbitrary file upload in Update Branding Settings
An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file...
CVE-2022-32060
An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file...
CVE-2022-32060
An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file...
CVE-2022-32060
An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file...
Design/Logic Flaw
An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file...
PT-2022-21083 · Snipe-It · Snipe-It
Name of the Vulnerable Software and Affected Versions: Snipe-IT version 6.0.2 Description: The issue allows attackers to execute arbitrary code via a crafted file, exploiting an arbitrary file upload vulnerability in the Update Branding Settings component. Recommendations: For Snipe-IT version...
Snipe-IT cross-site scripting vulnerability
Snipe-IT is an open source IT asset/license management system. A security vulnerability exists in Snipe-IT version v6.0.2, which originates from a malicious file that can be uploaded on the Update Branding Settings page and can be exploited by an attacker to execute arbitrary code...
CVE-2022-32060
CVE-2022-32060 affects Snipe-IT 6.0.2, with an arbitrary file upload vulnerability in the Update Branding Settings component. Connected sources attribute the root cause to inadequate validation in the Update Branding Settings handling (store function), enabling an attacker to upload a crafted fil...
CVE-2020-8825
index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS...