13 matches found
CVE-2026-26745
OpenSourcePOS 3.4.1 has a second order SQL Injection vulnerability in the handling of the currencysymbol configuration field. Although the input is initially stored without immediate execution, it is later concatenated into a dynamically constructed SQL query without proper sanitization or...
CVE-2026-26745
OpenSourcePOS 3.4.1 has a second order SQL Injection vulnerability in the handling of the currencysymbol configuration field. Although the input is initially stored without immediate execution, it is later concatenated into a dynamically constructed SQL query without proper sanitization or...
CVE-2026-26745
OpenSourcePOS 3.4.1 has a second order SQL Injection vulnerability in the handling of the currencysymbol configuration field. Although the input is initially stored without immediate execution, it is later concatenated into a dynamically constructed SQL query without proper sanitization or...
CVE-2026-26745
OpenSourcePOS 3.4.1 has a second order SQL Injection vulnerability in the handling of the currencysymbol configuration field. Although the input is initially stored without immediate execution, it is later concatenated into a dynamically constructed SQL query without proper sanitization or...
PT-2026-21255
Name of the Vulnerable Software and Affected Versions OpenSourcePOS version 3.4.1 Description The software contains a second order SQL Injection issue in how it handles the currency symbol configuration field. The input is stored and later used in a dynamically constructed SQL query without prope...
CVE-2026-26745
CVE-2026-26745 affects OpenSourcePOS 3.4.1. Affected component: the currency_symbol configuration field. The vulnerability is a second-order SQL Injection where input is stored and later concatenated into a dynamically constructed SQL query without proper sanitization or parameter binding. This c...
opensourcepos 安全漏洞
opensourcepos is an open-source POS system developed by opensourcepos. Version 3.4.1 of opensourcepos contains a security vulnerability, which stems from improper handling of the currencysymbol configuration field. This vulnerability may lead to a second-level SQL injection attack...
CVE-2026-26745
OpenSourcePOS 3.4.1 has a second order SQL Injection vulnerability in the handling of the currencysymbol configuration field. Although the input is initially stored without immediate execution, it is later concatenated into a dynamically constructed SQL query without proper sanitization or...
CVE-2026-26745
OpenSourcePOS 3.4.1 has a second order SQL Injection vulnerability in the handling of the currencysymbol configuration field. Although the input is initially stored without immediate execution, it is later concatenated into a dynamically constructed SQL query without proper sanitization or...
Ultimate Product Catalog < 5.0.26 - Subscriber+ Arbitrary Product Creation & Settings Update
The plugin does not have authorisation and CSRF checks in some AJAX actions, which could allow any authenticated users, such as subscriber to call them and add arbitrary products, or change the plugin's settings for example To add a product: fetch"https://example.com/wp-admin/admin-ajax.php",...
June 4, 2019, update for Excel 2016 (KB4464578)
June 4, 2019, update for Excel 2016 KB4464578 This article describes update 4464578 for Microsoft Excel 2016 that was released on June 4, 2019.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to the...
An update is available that changes the currency symbol of Latvia to the euro (€) in Windows
An update is available that changes the currency symbol of Latvia to the euro € in Windows Introduction An update is available that changes the currency symbol of Latvia from the Latvian lats Ls to the euro € in Windows. Note Latvia adopts the euro on January 1, 2014. This update applies to the...
Update to support the new currency symbol for the Russian ruble in Windows
Update to support the new currency symbol for the Russian ruble in Windows About this update After you apply this update, the new Russian ruble symbol can be input by using the physical keyboard, Windows on-screen keyboard osk.exe, or Tablet PC Input Panel Tabtip.exe in Windows 8.1, Windows RT 8....