CVE-2023-5795 CodeAstro POS System Profile Picture profil unrestricted upload

A vulnerability was found in CodeAstro POS System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profil of the component Profile Picture Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The...

PT-2023-32334 · Unknown · Codeastro Pos System

Name of the Vulnerable Software and Affected Versions: CodeAstro POS System version 1.0 Description: A critical issue affects some unknown functionality of the file /setting of the component Logo Handler, leading to unrestricted upload. The attack can be launched remotely. Recommendations: For...

CVE-2023-5698

A vulnerability classified as problematic was found in CodeAstro Internet Banking System 1.0. This vulnerability affects unknown code of the file pagesdepositmoney.php. The manipulation of the argument accountnumber with the input 421873905--alert9523!-- leads to cross site scripting. The attack...

CVE-2023-5697

A vulnerability classified as problematic has been found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pageswithdrawmoney.php. The manipulation of the argument accountnumber with the input 287359614--alert1234!-- leads to cross site scripting. It is possible t...

CVE-2023-5698

A vulnerability classified as problematic was found in CodeAstro Internet Banking System 1.0. This vulnerability affects unknown code of the file pagesdepositmoney.php. The manipulation of the argument accountnumber with the input 421873905--alert9523!-- leads to cross site scripting. The attack...

CVE-2023-5699

A vulnerability, which was classified as problematic, has been found in CodeAstro Internet Banking System 1.0. This issue affects some unknown processing of the file pagesviewclient.php. The manipulation of the argument accname with the input Johnnie Reyes'"&%alert5646 leads to cross site...

CVE-2023-5697

A vulnerability classified as problematic has been found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pageswithdrawmoney.php. The manipulation of the argument accountnumber with the input 287359614--alert1234!-- leads to cross site scripting. It is possible t...

CVE-2023-5699

A vulnerability, which was classified as problematic, has been found in CodeAstro Internet Banking System 1.0. This issue affects some unknown processing of the file pagesviewclient.php. The manipulation of the argument accname with the input Johnnie Reyes'"&%alert5646 leads to cross site...

Cross site scripting

A vulnerability classified as problematic was found in CodeAstro Internet Banking System 1.0. This vulnerability affects unknown code of the file pagesdepositmoney.php. The manipulation of the argument accountnumber with the input 421873905--alert9523!-- leads to cross site scripting. The attack...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in CodeAstro Internet Banking System 1.0. This issue affects some unknown processing of the file pagesviewclient.php. The manipulation of the argument accname with the input Johnnie Reyes'"&%alert5646 leads to cross site...

Cross site scripting

A vulnerability classified as problematic has been found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pageswithdrawmoney.php. The manipulation of the argument accountnumber with the input 287359614--alert1234!-- leads to cross site scripting. It is possible t...

CVE-2023-5699 CodeAstro Internet Banking System pages_view_client.php cross site scripting

A vulnerability, which was classified as problematic, has been found in CodeAstro Internet Banking System 1.0. This issue affects some unknown processing of the file pagesviewclient.php. The manipulation of the argument accname with the input Johnnie Reyes'"&%alert5646 leads to cross site...

CVE-2023-5699 CodeAstro Internet Banking System pages_view_client.php cross site scripting

A vulnerability, which was classified as problematic, has been found in CodeAstro Internet Banking System 1.0. This issue affects some unknown processing of the file pagesviewclient.php. The manipulation of the argument accname with the input Johnnie Reyes'"&%alert5646 leads to cross site...

CVE-2023-5699

CVE-2023-5699 : CodeAstro Internet Banking System 1.0 contains a cross-site scripting (XSS) issue in the pages_view_client.php file. The vulnerability arises from unsafely handling the acc_name parameter, where crafted input (e.g., Johnnie Reyes'"()&%) can lead to script execution in a victim’s b...

CVE-2023-5693

A vulnerability was found in CodeAstro Internet Banking System 1.0 and classified as critical. This issue affects some unknown processing of the file pagesresetpwd.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2023-5696

A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file pagestransfermoney.php. The manipulation of the argument accountnumber with the input 357146928--alert9206!-- leads to cross site...

CVE-2023-5694

A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been classified as problematic. Affected is an unknown function of the file pagessystemsettings.php. The manipulation of the argument sysname with the input alert991 leads to cross site scripting. It is possible to launch...

CVE-2023-5696

A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file pagestransfermoney.php. The manipulation of the argument accountnumber with the input 357146928--alert9206!-- leads to cross site...

CVE-2023-5695

A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file pagesresetpwd.php. The manipulation of the argument email with the input testing%40example.com'%26%25alert9860 leads to...

CVE-2023-5693

A vulnerability was found in CodeAstro Internet Banking System 1.0 and classified as critical. This issue affects some unknown processing of the file pagesresetpwd.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...