4 matches found
opensourcepos 安全漏洞
opensourcepos is an open-source POS system developed by opensourcepos. Version 3.4.1 of opensourcepos contains a security vulnerability. This vulnerability stems from the Sales.php::getInvoice function, which involves local file inclusion, potentially allowing for the reading of arbitrary files o...
CVE-2026-26746
OpenSourcePOS 3.4.1 contains a Local File Inclusion LFI vulnerability in the Sales.php::getInvoice function. An attacker can read arbitrary files on the web server by manipulating the Invoice Type configuration. This issue can be chained with the file upload functionality to achieve Remote Code...
CVE-2026-26746
OpenSourcePOS 3.4.1 contains a Local File Inclusion (LFI) in Sales.php::getInvoice() that can read arbitrary server files by manipulating the Invoice Type configuration; this can be chained with the file upload feature to achieve Remote Code Execution. The initial documents do not provide exploit...
CVE-2026-26746
OpenSourcePOS 3.4.1 contains a Local File Inclusion LFI vulnerability in the Sales.php::getInvoice function. An attacker can read arbitrary files on the web server by manipulating the Invoice Type configuration. This issue can be chained with the file upload functionality to achieve Remote Code...