10 matches found
CVE-2023-36347
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data...
CVE-2023-36347
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data...
CVE-2023-36347
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data...
CVE-2023-36347
POS Codekop v2.0 is affected by a broken authentication flaw in the endpoint excel.php that allows unauthenticated access to download selling data. The issue stems from improper authentication/session handling, enabling an attacker to retrieve sensitive data without valid login. Impact is describ...
CVE-2023-36347
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data...
CVE-2023-36345
A Cross-Site Request Forgery CSRF in POS Codekop v2.0 allows attackers to escalate privileges...
Cross site request forgery (csrf)
A Cross-Site Request Forgery CSRF in POS Codekop v2.0 allows attackers to escalate privileges...
Cross site scripting
POS Codekop v2.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the nmmember parameter at print.php...
CVE-2023-36346
POS Codekop v2.0 has a reflected XSS vulnerability in the print.php endpoint through the nm_member parameter. Affects the web application’s print.php handling, enabling injection of script code that could be executed in users’ browsers. The Nuclei template and Red Hat/NVD references confirm the i...
CVE-2023-36345
A Cross-Site Request Forgery CSRF in POS Codekop v2.0 allows attackers to escalate privileges...