26 matches found
EUVD-2023-40313
Malicious code in bioql PyPI...
CVE-2023-36348
POS Codekop v2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the filename parameter...
CVE-2023-36346
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the nmmember parameter at print.php...
CVE-2023-36347
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data...
CVE-2023-36345
A Cross-Site Request Forgery (CSRF) in POS Codekop v2.0 allows attackers to escalate privileges...
CVE-2023-36347
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data...
CVE-2023-36347
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data...
CVE-2023-36347
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data...
CVE-2023-36347
POS Codekop v2.0 is affected by a broken authentication flaw in the endpoint excel.php that allows unauthenticated access to download selling data. The issue stems from improper authentication/session handling, enabling an attacker to retrieve sensitive data without valid login. Impact is describ...
CVE-2023-36347
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data...
CVE-2023-36347
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data...
PT-2023-25544 · Unknown · Pos Codekop
Name of the Vulnerable Software and Affected Versions: POS Codekop version 2.0 Description: A broken authentication mechanism in the endpoint "excel.php" allows unauthenticated attackers to download selling data. Recommendations: For POS Codekop version 2.0, consider restricting access to the...
CVE-2023-36345
A Cross-Site Request Forgery (CSRF) in POS Codekop v2.0 allows attackers to escalate privileges...
CVE-2023-36346
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the nmmember parameter at print.php...
CVE-2023-36345
A Cross-Site Request Forgery (CSRF) in POS Codekop v2.0 allows attackers to escalate privileges...
CVE-2023-36345
A Cross-Site Request Forgery (CSRF) in POS Codekop v2.0 allows attackers to escalate privileges...
Cross site scripting
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the nmmember parameter at print.php...
Cross site request forgery (csrf)
A Cross-Site Request Forgery (CSRF) in POS Codekop v2.0 allows attackers to escalate privileges...
PT-2023-25542 · Unknown · Pos Codekop
Name of the Vulnerable Software and Affected Versions: POS Codekop version 2.0 Description: A Cross-Site Request Forgery (CSRF) issue allows attackers to escalate privileges. Recommendations: For POS Codekop version 2.0, consider implementing proper CSRF token validation to prevent unauthorized...
CVE-2023-36346
POS Codekop v2.0 has a reflected XSS vulnerability in the print.php endpoint through the nm_member parameter. Affects the web application’s print.php handling, enabling injection of script code that could be executed in users’ browsers. The Nuclei template and Red Hat/NVD references confirm the i...