Missing Authorization

Overview admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Missing Authorization in the itemdelete, itemretire, itemreinstate, itempictureupload, itempicturesave, and itempicturedelete endpoin...

CVE-2026-28354 ClipBucket v5 has IDOR in Collection Item Management

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 59, collection item operations are vulnerable to authorization flaws, allowing a normal authenticated user to modify another user’s collection items. This affects both add item /actions/addtocollection.php due to missi...

CVE-2025-70095

A cross-site scripting XSS vulnerability in the item management and sales invoice function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

CVE-2025-70095

A cross-site scripting XSS vulnerability in the item management and sales invoice function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

CVE-2025-70095

A cross-site scripting XSS vulnerability in the item management and sales invoice function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

CVE-2025-70095

OpenSourcePOS v3.4.1 is affected by a cross-site scripting (XSS) vulnerability in the item management and sales invoice function. Multiple feeds corroborate that an attacker can inject a crafted payload to execute arbitrary web scripts or HTML. Some sources flag insufficient input validation as t...

PT-2026-8003

A cross-site scripting XSS vulnerability in the item management and sales invoice function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

CVE-2025-70095

A cross-site scripting XSS vulnerability in the item management and sales invoice function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

opensourcepos 安全漏洞

OpenSourcedPOS is an open-source point-of-sale system. Version 3.4.1 of OpenSourcedPOS has a security vulnerability. This vulnerability stems from insufficient input validation in the item management and sales invoice functions, which may lead to cross-site scripting attacks...

CVE-2025-70095

A cross-site scripting XSS vulnerability in the item management and sales invoice function of OpenSourcePOS v3.4.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...

How to rename items on StoreFront?

To rename items as per the requirement...

Mobius Forensic Toolkit v0.5.7 released !

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tool. Changelog Six news registry reports were...