Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CVE
CVEadded 2025/12/17 10:16 p.m.12 views

CVE-2025-68147

Summary (CVE-2025-68147 for OpenSourcePOS) OpenSourcePOS (CodeIgniter PHP app) versions 3.4.0–3.4.1 contain a stored XSS in the “Return Policy” field of the Store Configuration. The flaw stems from insufficient sanitization when saving/displaying the policy, allowing an attacker with configuratio...

8.1CVSS5AI score0.00047EPSS
Exploits4References3Affected Software1
EUVD
EUVDadded 2025/12/17 10:16 p.m.6 views

EUVD-2025-204017

Open Source Point of Sale opensourcepos is a web based point of sale application written in PHP using CodeIgniter framework. Starting in version 3.4.0 and prior to version 3.4.2, a Stored Cross-Site Scripting XSS vulnerability exists in the "Return Policy" configuration field. The application doe...

8.1CVSS5AI score0.00047EPSS
Exploits4References3
OSV
OSVadded 2025/12/17 10:16 p.m.4 views

CVE-2025-68147 opensourcepos has a Cross-site Scripting vulnerability

Open Source Point of Sale opensourcepos is a web based point of sale application written in PHP using CodeIgniter framework. Starting in version 3.4.0 and prior to version 3.4.2, a Stored Cross-Site Scripting XSS vulnerability exists in the "Return Policy" configuration field. The application doe...

8.1CVSS5.1AI score0.00047EPSS
Exploits4References5
Rows per page
Query Builder