Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

118 matches found

NVD
NVDadded 2026/04/07 9:17 p.m.1 views

CVE-2026-32712

Open Source Point of Sale is a web based point-of-sale application written in PHP using CodeIgniter framework. Prior to 3.4.3, a Stored Cross-Site Scripting XSS vulnerability exists in the Daily Sales management table. The customername column is configured with escape: false in the bootstrap-tabl...

5.4CVSS0.00029EPSS
Exploits1References1
CVE
CVEadded 2026/04/07 8:37 p.m.5 views

CVE-2026-32712

Open Source Point of Sale (OSPOS) has a Stored XSS vulnerability in the Daily Sales page prior to version 3.4.3. The issue arises from the customer_name field being configured with escape: false in the bootstrap-table setup, causing customer names to render as raw HTML. With customer management p...

5.4CVSS6AI score0.00029EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVEadded 2025/12/12 9:16 p.m.2 views

CVE-2025-14538

A security vulnerability has been detected in yangshare warehouseManager 仓库管理系统 1.1.0. This affects the function addCustomer of the file CustomerManageHandler.java. Such manipulation of the argument Name leads to cross site scripting. The attack can be executed remotely. The exploit has been...

5.1CVSS5.3AI score0.00026EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/11/17 12:0 a.m.3 views

CVE-2024-44648

PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via id and adminremark parameters in quote-details.php...

0.00037EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/10/07 11:13 p.m.2 views

CVE-2025-56382

A stored Cross-site scripting XSS vulnerability exists in the Customer Management Module of LionCoders SalePro POS 5.4.8. An authenticated attacker can inject arbitrary web script or HTML via the 'Customer Name' parameter when creating or editing customer profiles. This malicious input is...

6.1CVSS5.8AI score0.00044EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-15169

Malware in sbrugna...

8.2CVSS8.3AI score0.00558EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-14908

Malware in sbrugna...

6.4CVSS6.9AI score0.00338EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-22360

Malware in sbrugna...

4.9CVSS5.5AI score0.00262EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2020-22441

Malware in sbrugna...

6.2CVSS6.8AI score0.00135EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-22746

Malware in sbrugna...

9.8CVSS9.5AI score0.01559EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-6844

Malware in sbrugna...

4.3CVSS6.1AI score0.00201EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-6845

Malware in sbrugna...

7.1CVSS7.6AI score0.00217EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2020-6846

Malware in sbrugna...

5.5CVSS6.6AI score0.00175EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-6867

Malware in sbrugna...

3.5CVSS5.9AI score0.00197EPSS
Exploits0References2
CVE
CVEadded 2025/10/06 12:0 a.m.10 views

CVE-2025-56382

The CVE-2025-56382 entry describes a stored XSS in LionCoders SalePro POS 5.4.8, specifically in the Customer Management Module. An authenticated user can inject script or HTML via the 'Customer Name' field when creating or editing a customer profile. The input is not properly sanitized before st...

6.1CVSS5.4AI score0.00044EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVEadded 2025/10/03 12:45 a.m.4 views

CVE-2025-61087

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting XSS via the Customer Name field under Customer Management Section...

6.2AI score0.00037EPSS
Exploits1References1
NVD
NVDadded 2025/10/02 3:15 p.m.1 views

CVE-2025-61087

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting XSS via the Customer Name field under Customer Management Section...

6.1CVSS0.00037EPSS
Exploits1References2
CVE
CVEadded 2025/10/02 12:0 a.m.10 views

CVE-2025-61087

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting (XSS) via the Customer Name field in the Customer Management section. The root cause is unverified input in that field. Documented impact indicates limited confidentiality/integrity impact and no availabilit...

6.1CVSS5.8AI score0.00037EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2025/10/02 12:0 a.m.2 views

PT-2025-40397

Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0 Description The software is susceptible to Cross Site Scripting XSS attacks. The issue is located in the Customer Name field within the Customer Management Section. Input provided...

6.1CVSS5.9AI score0.00037EPSS
Exploits1References6
Vulnrichment
Vulnrichmentadded 2025/10/02 12:0 a.m.1 views

CVE-2025-61087

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting XSS via the Customer Name field under Customer Management Section...

5.8AI score0.00037EPSS
Exploits1References2
Rows per page
Query Builder