Php Point Of Sale Security Vulnerabilities and Issues — Php Point Of Sale CVE List

Lucene search

PhppointofsalePhp Point Of Sale

5 matches found

CVE•added 2022/10/31 9:15 p.m.•42 views

CVE-2022-40287

The application was found to be vulnerable to an authenticated Stored Cross-Site Scripting (XSS) vulnerability in messaging functionality, leading to privilege escalation or a compromise of a targeted account.

9CVSS7.9AI score0.00102EPSS

CVE•added 2022/10/31 9:15 p.m.•42 views

CVE-2022-40289

The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the upload and download functionality, which could be leveraged to escalate privileges or compromise any accounts they can coerce into observing the targeted files.

9CVSS8.2AI score0.00541EPSS

CVE•added 2022/10/31 9:15 p.m.•42 views

CVE-2022-40293

The application was vulnerable to a session fixation that could be used hijack accounts.

9.8CVSS9.4AI score0.00087EPSS

CVE•added 2022/10/31 9:15 p.m.•41 views

CVE-2022-40288

The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the user profile data fields, which could be leveraged to escalate privileges within and compromise any account that views their user profile.

9CVSS8.2AI score0.00102EPSS

CVE•added 2022/10/31 9:15 p.m.•39 views

CVE-2022-40296

The application was vulnerable to a Server-Side Request Forgery attacks, allowing the backend server to interact with unexpected endpoints, potentially including internal and local services, leading to attacks in other downstream systems.

9.8CVSS9.3AI score0.00087EPSS