Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Best Pos Management System Security Vulnerabilities - November

cve
cve

CVE-2023-0943

A vulnerability, which was classified as problematic, has been found in SourceCodester Best POS Management System 1.0. This issue affects the function save_settings of the file index.php?page=site_settings of the component Image Handler. The manipulation of the argument img with the input ../../she...

8.8CVSS

8.7AI Score

0.003EPSS

2023-02-21 08:15 PM
47
cve
cve

CVE-2023-0945

A vulnerability, which was classified as problematic, was found in SourceCodester Best POS Management System 1.0. Affected is an unknown function of the file index.php?page=add-category. The manipulation of the argument Name with the input "&gt;<img src> leads to cross site scripting. It is possibl...

5.4CVSS

5.3AI Score

0.001EPSS

2023-02-21 09:15 PM
20
cve
cve

CVE-2023-0946

A vulnerability has been found in SourceCodester Best POS Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file billing/index.php?id=9. The manipulation of the argument id leads to sql injection. The attack can be launched remotely....

9.8CVSS

9.7AI Score

0.002EPSS

2023-02-21 09:15 PM
33
cve
cve

CVE-2023-27202

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /kruxton/receipt.php.

9.8CVSS

9.7AI Score

0.002EPSS

2023-03-09 09:15 PM
27
cve
cve

CVE-2023-27203

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /billing/home.php.

9.8CVSS

9.7AI Score

0.002EPSS

2023-03-09 09:15 PM
25
cve
cve

CVE-2023-27204

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /kruxton/manage_user.php.

9.8CVSS

9.7AI Score

0.002EPSS

2023-03-09 09:15 PM
29
cve
cve

CVE-2023-27205

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /kruxton/sales_report.php.

9.8CVSS

9.7AI Score

0.002EPSS

2023-03-09 09:15 PM
31
cve
cve

CVE-2023-27206

A cross-site scripting (XSS) vulnerability in /kruxton/navbar.php of Best POS Management System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the page parameter.

6.1CVSS

5.8AI Score

0.001EPSS

2023-03-09 09:15 PM
25
cve
cve

CVE-2023-3617

A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been classified as critical. This affects an unknown part of the file admin_class.php of the component Login Page. The manipulation of the argument username leads to sql injection. It is possible to initiate the atta...

9.8CVSS

9.7AI Score

0.002EPSS

2023-07-11 03:15 PM
18