Best Pos Management System Security Vulnerabilities and Issues — Best Pos Management System CVE List

Lucene search

Best Pos Management System ProjectBest Pos Management System

9 matches found

CVE•added 2023/02/21 8:15 p.m.•66 views

CVE-2023-0943

A vulnerability, which was classified as problematic, has been found in SourceCodester Best POS Management System 1.0. This issue affects the function save_settings of the file index.php?page=site_settings of the component Image Handler. The manipulation of the argument img with the input ../../she...

8.8CVSS6.6AI score0.00679EPSS

CVE•added 2023/03/09 9:15 p.m.•48 views

CVE-2023-27205

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /kruxton/sales_report.php.

9.8CVSS9.7AI score0.00066EPSS

CVE•added 2023/03/09 9:15 p.m.•46 views

CVE-2023-27202

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /kruxton/receipt.php.

9.8CVSS9.7AI score0.00066EPSS

CVE•added 2023/02/21 9:15 p.m.•43 views

CVE-2023-0946

A vulnerability has been found in SourceCodester Best POS Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file billing/index.php?id=9. The manipulation of the argument id leads to sql injection. The attack can be launched remotely....

9.8CVSS8.3AI score0.00045EPSS

CVE•added 2023/03/09 9:15 p.m.•43 views

CVE-2023-27203

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /billing/home.php.

9.8CVSS9.7AI score0.00066EPSS

CVE•added 2023/03/09 9:15 p.m.•42 views

CVE-2023-27204

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /kruxton/manage_user.php.

9.8CVSS9.7AI score0.00066EPSS

CVE•added 2023/03/09 9:15 p.m.•41 views

CVE-2023-27206

A cross-site scripting (XSS) vulnerability in /kruxton/navbar.php of Best POS Management System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the page parameter.

6.1CVSS5.8AI score0.0009EPSS

CVE•added 2023/07/11 3:15 p.m.•35 views

CVE-2023-3617

A vulnerability was found in SourceCodester Best POS Management System 1.0. It has been classified as critical. This affects an unknown part of the file admin_class.php of the component Login Page. The manipulation of the argument username leads to sql injection. It is possible to initiate the atta...

9.8CVSS8.8AI score0.00053EPSS

CVE•added 2023/02/21 9:15 p.m.•29 views

CVE-2023-0945

A vulnerability, which was classified as problematic, was found in SourceCodester Best POS Management System 1.0. Affected is an unknown function of the file index.php?page=add-category. The manipulation of the argument Name with the input "> leads to cross site scripting. It is possible to laun...

5.4CVSS4.4AI score0.00059EPSS