Vulnerabilities > Ajaysharma > Cups Easy > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-26 | CVE-2024-23886 | Cross-site Scripting vulnerability in Ajaysharma Cups Easy 1.0 A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/itemmodify.php, in the bincardinfo parameter. | 6.1 |
2024-01-26 | CVE-2024-23887 | Cross-site Scripting vulnerability in Ajaysharma Cups Easy 1.0 A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/grncreate.php, in the grndate parameter. | 6.1 |
2024-01-26 | CVE-2024-23888 | Cross-site Scripting vulnerability in Ajaysharma Cups Easy 1.0 A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/stocktransactionslist.php, in the itemidy parameter. | 6.1 |
2024-01-26 | CVE-2024-23889 | Cross-site Scripting vulnerability in Ajaysharma Cups Easy 1.0 A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/itemgroupcreate.php, in the itemgroupid parameter. | 6.1 |
2024-01-26 | CVE-2024-23856 | Cross-site Scripting vulnerability in Ajaysharma Cups Easy 1.0 A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/itemlist.php, in the description parameter. | 6.1 |
2024-01-26 | CVE-2024-23857 | Cross-site Scripting vulnerability in Ajaysharma Cups Easy 1.0 A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/grnlinecreate.php, in the batchno parameter. | 6.1 |
2024-01-26 | CVE-2024-23858 | Cross-site Scripting vulnerability in Ajaysharma Cups Easy 1.0 A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/stockissuancelinecreate.php, in the batchno parameter. | 6.1 |
2024-01-26 | CVE-2024-23859 | Cross-site Scripting vulnerability in Ajaysharma Cups Easy 1.0 A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/taxstructurelinecreate.php, in the flatamount parameter. | 6.1 |
2024-01-26 | CVE-2024-23860 | Cross-site Scripting vulnerability in Ajaysharma Cups Easy 1.0 A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/currencylist.php, in the description parameter. | 6.1 |
2024-01-26 | CVE-2024-23861 | Cross-site Scripting vulnerability in Ajaysharma Cups Easy 1.0 A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/unitofmeasurementcreate.php, in the unitofmeasurementid parameter. | 6.1 |