5 matches found
CVE-2026-2680
Reflected Cross-Site Scripting XSS on the A3factura web platform, in parameter 'customerVATNumber', in 'a3factura-app.wolterskluwer.es//incomes/salesDeliveryNotes' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser...
EUVD-2026-8852
Reflected Cross-Site Scripting XSS on the A3factura web platform, in parameter 'customerVATNumber', in 'a3factura-app.wolterskluwer.es//incomes/salesDeliveryNotes' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser...
CVE-2026-2680
Reflected Cross-Site Scripting XSS on the A3factura web platform, in parameter 'customerVATNumber', in 'a3factura-app.wolterskluwer.es//incomes/salesDeliveryNotes' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser...
CVE-2026-2680
CVE-2026-2680 describes a Reflected XSS in the A3factura web platform, affecting the endpoint a3factura-app.wolterskluwer.es/#/incomes/salesDeliveryNotes with the vulnerable parameter customerVATNumber . The issue could allow an attacker to execute arbitrary code in a victim’s browser. The CVSSv4...
PT-2024-15609 · Unknown · Kashipara Billing
Name of the Vulnerable Software and Affected Versions: Kashipara Billing Software version 1.0 Description: A critical issue was found in the HTTP POST Request Handler component, specifically in the file buyer detail submit.php. The manipulation of the gstn no argument leads to sql injection. This...