Lucene search
K

149 matches found

Prion
Prion
added 2024/01/26 10:15 a.m.26 views

Cross site scripting

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/itemgroupcreate.php, in the itemgroupid parameter. Exploitation of this...

5.8CVSS6AI score0.00436EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/26 10:15 a.m.21 views

Cross site scripting

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/statecreate.php, in the stateid parameter. Exploitation of this vulnerability coul...

5.8CVSS6AI score0.00437EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/26 10:15 a.m.19 views

Cross site scripting

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/countrycreate.php, in the countryid parameter. Exploitation of this vulnerability...

5.8CVSS6AI score0.00399EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/26 10:15 a.m.17 views

Cross site scripting

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/stockissuancelist.php, in the delete parameter. Exploitation of this vulnerability...

5.8CVSS6AI score0.00437EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/26 10:15 a.m.26 views

Cross site scripting

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/taxstructurelist.php, in the description parameter. Exploitation of this...

5.8CVSS6AI score0.00437EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/26 10:15 a.m.24 views

Cross site scripting

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/stocktransactionslist.php, in the itemidy parameter. Exploitation of this...

5.8CVSS6AI score0.00398EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/26 10:15 a.m.14 views

Cross site scripting

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/taxcodelist.php, in the description parameter. Exploitation of this vulnerability...

5.8CVSS6AI score0.00399EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/26 10:15 a.m.18 views

Cross site scripting

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/countrylist.php, in the description parameter. Exploitation of this vulnerability...

5.8CVSS6AI score0.00437EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/26 9:18 a.m.26 views

CVE-2024-23888 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/stocktransactionslist.php, in the itemidy parameter. Exploitation of this...

8.2CVSS7.2AI score0.00398EPSS
Exploits0References1
CVE
CVE
added 2024/01/26 9:18 a.m.67 views

CVE-2024-23888

CVE-2024-23888 affects Cups Easy (Purchase & Inventory) version 1.0. The vulnerability is a stored/reflected XSS in the itemidy parameter of /cupseasylive/stocktransactionslist.php, potentially allowing a remote attacker to lure an authenticated user to a crafted URL and steal session cookies. Co...

8.2CVSS5.8AI score0.00398EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/26 9:18 a.m.62 views

CVE-2024-23885

CVE-2024-23885 affects Cups Easy (Purchase & Inventory) v1.0. The vulnerability is a Cross-Site Scripting (XSS) flaw in /cupseasylive/countrymodify.php, caused by insufficient encoding of the countryid input. An attacker could lure an authenticated user to open a specially crafted URL and potenti...

8.2CVSS5.8AI score0.00436EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/26 9:17 a.m.17 views

CVE-2024-23882 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/taxcodecreate.php, in the taxcodeid parameter. Exploitation of this vulnerability...

8.2CVSS7.2AI score0.00437EPSS
Exploits0References1
CVE
CVE
added 2024/01/26 9:16 a.m.71 views

CVE-2024-23881

CVE-2024-23881 affects Cups Easy (Purchase & Inventory) version 1.0. The issue is a Cross-Site Scripting (XSS) vulnerability in the description parameter of the /cupseasylive/statelist.php endpoint, caused by insufficient encoding of user-controlled inputs. An attacker could craft a URL that, whe...

8.2CVSS5.8AI score0.00437EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/26 9:15 a.m.16 views

Cross site scripting

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/itemlist.php, in the description parameter. Exploitation of this vulnerability cou...

5.8CVSS6AI score0.00399EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/26 9:15 a.m.15 views

Cross site scripting

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/grnlinecreate.php, in the batchno parameter. Exploitation of this vulnerability...

5.8CVSS6AI score0.00399EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/26 9:15 a.m.17 views

Cross site scripting

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/taxstructurelinecreate.php, in the flatamount parameter. Exploitation of this...

5.8CVSS6AI score0.00437EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/26 9:13 a.m.16 views

CVE-2024-23875 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/stockissuancedisplay.php, in the issuanceno parameter. Exploitation of this...

8.2CVSS7.2AI score0.00437EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/26 9:11 a.m.23 views

CVE-2024-23871 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/unitofmeasurementmodify.php, in the description parameter. Exploitation of this...

8.2CVSS7.2AI score0.00437EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/26 9:9 a.m.15 views

CVE-2024-23870 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/stockissuancelist.php, in the delete parameter. Exploitation of this vulnerability...

8.2CVSS7.2AI score0.00437EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/26 9:9 a.m.19 views

CVE-2024-23869 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/stockissuanceprint.php, in the issuanceno parameter. Exploitation of this...

8.2CVSS7.2AI score0.00437EPSS
Exploits0References1
Rows per page
Query Builder