2 matches found
CVE-2021-41492
Concretely, CVE-2021-41492 affects Sourcecodester Simple Cashiering System (POS) v1.0. It has SQL injection vulnerabilities in three vectors: (1) Product Code on the POS page, (2) the id parameter in manage_products, and (3) the t parameter in actions.php. The root cause is lack of input filterin...
CVE-2022-3949
CVE-2022-3949 affects Sourcecodester Simple Cashiering System, specifically the User Account Handler where manipulating the fullname parameter triggers cross-site scripting (XSS). Reported to permit remote initiation, with no documented exploit details in the provided sources. The impact is descr...