There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.69) that enables remote attacker to create fin
Cross-Site Scripting (XSS) is present on the ctl00_Content01_fieldValue parameters on the /psp/appNet/TemplateOrder/TemplatePreview.aspx endpoint in edu Business Solutions Print Shop Pro WebDesk versi
Cross-Site Scripting (XSS) is present on the LoginID parameter on the /PSP/app/web/reg/reg_display.asp endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.76). Unsanit
A vulnerability was found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical. Affected by this issue is the function verify_token of the file app/controllers/base.py of the componen
A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function.
A vulnerability classified as problematic was found in Tmall Demo up to 20250505. Affected by this vulnerability is an unknown functionality of the component Buy Item Page. The manipulation of the arg
A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to improper server-side validation. The application allows administrators to create "Loan Plans" with specific p
A vulnerability has been found in Bdtask SalesERP up to 20260116. This issue affects some unknown processing of the component Administrative Endpoint. Such manipulation of the argument ci_session lead
A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipul
An issue WebKul Bagisto v.2.3.6 allows a remote attacker to execute arbitrary code via the Cart/Checkout API endpoint, specifically, the price calculation logic fails to validate quantity inputs prope
A vulnerability was found in Portabilis i-Educar 2.9. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /intranet/educar_servidor_cad.php. The manipula
A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addCustomer/updateCustomer/deleteCustomer of the file dataset\repos\warehouse\sr
An Insecure Direct Object Reference (IDOR) vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students personal and financial records by modifying
Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay.This issue affects WP SmartPay: from n/a through <= 2.8.2.
A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php
A security vulnerability has been detected in Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping Cart Solution 5. Affected by this issue is some unknown functionality of the file /submit_checkout
A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /dashboard/fees/fee-invoices/ of the component View
A vulnerability, which was classified as problematic, was found in Tmall Demo up to 20250505. This affects an unknown part of the file /tmall/order/pay/ of the component Payment Identifier Handler. Th
A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to improper server-side validation. The application allows administrators to create "Loan Plans" with specific i
A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Chec
Page 1+ Next →