CVE-2022-40295
The CVE-2022-40295 entry concerns PHP Point of Sale v19.0, where an authenticated information disclosure allows administrators to view unsalted user passwords, enabling offline attacks to recover plaintext passwords. The vulnerability is described consistently across NVD/CVE records and related s...