CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

NVD•added 2026/02/01 1:15 p.m.•2 views

CVE-2021-47908

Ultimate POS 4.4 contains a persistent cross-site scripting vulnerability in the product name parameter that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability through product add or edit functions to execute arbitrary JavaScript and potentially hijack us...

6.4CVSS0.00021EPSS

Exploits0References3

Vulnrichment•added 2026/02/01 12:15 p.m.•1 views

CVE-2021-47908 Ultimate POS 4.4 Persistent Cross-Site Scripting via Product Name

6.4CVSS5.5AI score0.00021EPSS

Exploits0References3

ATTACKERKB•added 2026/02/01 12:15 p.m.•1 views

CVE-2021-47908

6.4CVSS6.1AI score0.00021EPSS

Exploits0References3

CVE•added 2026/02/01 12:15 p.m.•4 views

CVE-2021-47908

CVE-2021-47908 affects Ultimate POS 4.4. The vulnerability is a persistent cross-site scripting (XSS) in the product name parameter, exploitable via product add/edit functions, allowing remote attackers to execute arbitrary JavaScript and potentially hijack user sessions. The connected documents ...

6.4CVSS6.1AI score0.00021EPSS

Exploits0References3

Cvelist•added 2026/02/01 12:15 p.m.•26 views

CVE-2021-47908 Ultimate POS 4.4 Persistent Cross-Site Scripting via Product Name

6.4CVSS0.00021EPSS

Exploits0References3

CNNVD•added 2026/02/01 12:0 a.m.•3 views

The Web Fosters Ultimate POS 跨站脚本漏洞

The Web Fosters Ultimate POS is a comprehensive point-of-sale calendar system developed by The Web Fosters company in India. Version 4.4 of The Web Fosters Ultimate POS contains a cross-site scripting vulnerability. This vulnerability stems from a persistent cross-site scripting flaw in the produ...

6.4CVSS5.7AI score0.00021EPSS

Exploits0References3

0day.today•added 2021/11/03 12:0 a.m.•170 views

Ultimate POS 4.4 - (name) Cross-Site Scripting Vulnerability

Exploit Title: Ultimate POS 4.4 - 'name' Cross-Site Scripting XSS Vendor Homepage: https://ultimatefosters.com/docs/ultimatepos/ Version: 4.4 Product & Service Introduction: =============================== The Ultimate POS is a erp, stock management, point of sale & invoicing web-application. The...

7.1AI score

Exploits0

Exploit DB•added 2021/11/03 12:0 a.m.•322 views

Ultimate POS 4.4 - 'name' Cross-Site Scripting (XSS)

Exploit Title: Ultimate POS 4.4 - 'name' Cross-Site Scripting XSS Date: 2021-10-26 Exploit Author: Vulnerability Lab Vendor Homepage: https://ultimatefosters.com/docs/ultimatepos/ Version: 4.4 Document Title: =============== Ultimate POS v4.4 - Products Persistent XSS Vulnerability References...

7.4AI score

Exploits0

Packet Storm•added 2021/10/26 12:0 a.m.•495 views

Ultimate POS 4.4 Cross Site Scripting

Document Title: =============== Ultimate POS v4.4 - Products Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2296 Release Date: ============= 2021-10-26 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by