Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2025/11/08 12:55 a.m.8 views

CVE-2025-63689

Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit 11f276bd20a41f089298d804e43cb1c39d041e59 2025-09-14 allows a remote attacker to execute arbitrary code via the orderby parameter...

10CVSS8.8AI score0.00839EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/07 6:30 p.m.5 views

EUVD-2025-38273

Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit 11f276bd20a41f089298d804e43cb1c39d041e59 2025-09-14 allows a remote attacker to execute arbitrary code via the orderby parameter...

10CVSS8.2AI score0.00839EPSS
Exploits1References3
NVD
NVD
added 2025/11/07 4:15 p.m.6 views

CVE-2025-63689

Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit 11f276bd20a41f089298d804e43cb1c39d041e59 2025-09-14 allows a remote attacker to execute arbitrary code via the orderby parameter...

10CVSS0.00839EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/11/07 12:0 a.m.7 views

PT-2025-45449

Name of the Vulnerable Software and Affected Versions ycf1998 money-pos system versions prior to commit 11f276bd20a41f089298d804e43cb1c39d041e59 2025-09-14 Description The ycf1998 money-pos system contains multiple SQL injection vulnerabilities. A remote attacker can potentially execute arbitrary...

10CVSS6.3AI score0.00839EPSS
Exploits1References8
OSV
OSV
added 2025/11/07 12:0 a.m.6 views

CVE-2025-63689

Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit 11f276bd20a41f089298d804e43cb1c39d041e59 2025-09-14 allows a remote attacker to execute arbitrary code via the orderby parameter...

10CVSS6.3AI score0.00839EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2025/11/07 12:0 a.m.3 views

CVE-2025-63689

Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit 11f276bd20a41f089298d804e43cb1c39d041e59 2025-09-14 allows a remote attacker to execute arbitrary code via the orderby parameter...

10CVSS6.3AI score0.00839EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.3 views

money-pos 安全漏洞

money-pos McNee Cashiering System is a cashiering system by the individual developer of McNeeMoney. A security vulnerability exists in money-pos, which stems from a SQL injection vulnerability in the orderby parameter that could lead to the execution of arbitrary code...

10CVSS8AI score0.00839EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/11/07 12:0 a.m.2 views

CVE-2025-63689

Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit 11f276bd20a41f089298d804e43cb1c39d041e59 2025-09-14 allows a remote attacker to execute arbitrary code via the orderby parameter...

8.4AI score0.00839EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/11/07 12:0 a.m.9 views

CVE-2025-63689

Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit 11f276bd20a41f089298d804e43cb1c39d041e59 2025-09-14 allows a remote attacker to execute arbitrary code via the orderby parameter...

0.00839EPSS
Exploits1References3
CVE
CVE
added 2025/11/07 12:0 a.m.26 views

CVE-2025-63689

CVE-2025-63689 affects the ycf1998 money-pos system prior to commit 11f276bd20a41f089298d804e43cb1c39d041e59. Multiple SQL injection vulnerabilities exist in the orderby parameter, enabling a remote attacker to execute arbitrary code. Root cause: unsafely constructed SQL with user-controlled orde...

10CVSS8.4AI score0.00839EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder