Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-13566

Malware in sbrugna...

8.8CVSS8.8AI score0.00832EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:44 a.m.9 views

CVE-2019-3959

Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link...

8.8CVSS6.9AI score0.00832EPSS
Exploits1References1
NVD
NVD
added 2019/07/31 6:15 p.m.18 views

CVE-2019-3960

Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by uploading a malicious PHP file...

7.2CVSS7.3AI score0.03019EPSS
Exploits1References1
OSV
OSV
added 2019/07/31 6:15 p.m.17 views

CVE-2019-3959

Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link...

8.8CVSS6.8AI score
Exploits0References1
NVD
NVD
added 2019/07/31 6:15 p.m.22 views

CVE-2019-3958

Insufficient output sanitization in WallacePOS 1.4.3 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks via a crafted sales transaction...

5.4CVSS5.1AI score0.00855EPSS
Exploits1References1
Prion
Prion
added 2019/07/31 6:15 p.m.18 views

Cross site request forgery (csrf)

Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link...

6.8CVSS8.4AI score0.00832EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/07/31 6:15 p.m.23 views

Cross site scripting

Insufficient output sanitization in WallacePOS 1.4.3 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks via a crafted sales transaction...

3.5CVSS5AI score0.00855EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/07/31 5:22 p.m.71 views

CVE-2019-3959

CVE-2019-3959 affects WallacePOS 1.4.3 via Cross-Site Request Forgery. A remote attacker can trigger sensitive actions by convincing a logged-in user to visit a crafted link. Root causes cited include inadequate verification of request origin in the web application. CVSS data in the record indica...

8.8CVSS8.5AI score0.00832EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/07/31 5:22 p.m.15 views

CVE-2019-3959

Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link...

8.6AI score0.00832EPSS
Exploits1References1
Rows per page
Query Builder