wallaceit wallacepos の CVE(4 件)

CVE 件数: 4 CPE versions: View versions table

概要

本ページは wallaceit wallacepos に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 14 / 4 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2019-3960 Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by uploading a malicious PHP file. [email protected] 7.2 3.02% 2019-07-31 2026-06-16
CVE-2019-3959 Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. [email protected] 8.8 0.83% 2019-07-31 2026-06-16
CVE-2019-3958 Insufficient output sanitization in WallacePOS 1.4.3 allows a remote, authenticated attacker to conduct persistent cross-site scripting (XSS) attacks via a crafted sales transaction. [email protected] 5.4 0.85% 2019-07-31 2026-06-16
CVE-2017-7388 A Cross-Site Scripting (XSS) was discovered in 'wallacepos v1.4.1'. The vulnerability exists due to insufficient filtration of user-supplied data (token) passed to the 'wallacepos-master/myaccount/resetpassword.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. [email protected] 6.1 0.84% 2017-03-31 2026-06-16
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence