Wallacepos@1.4.3 Security Vulnerabilities and Issues — Wallacepos@1.4.3 CVE List

Lucene search

WallaceitWallacepos1.4.3

3 matches found

CVE•added 2019/07/31 6:15 p.m.•65 views

CVE-2019-3960

Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by uploading a malicious PHP file.

7.2CVSS7.2AI score0.02453EPSS

CVE•added 2019/07/31 6:15 p.m.•63 views

CVE-2019-3958

Insufficient output sanitization in WallacePOS 1.4.3 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks via a crafted sales transaction.

5.4CVSS5AI score0.00157EPSS

CVE•added 2019/07/31 6:15 p.m.•61 views

CVE-2019-3959

Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.

8.8CVSS8.5AI score0.00209EPSS