Vulnerabilities > Ajaysharma > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-26 | CVE-2024-23862 | Cross-site Scripting vulnerability in Ajaysharma Cups Easy 1.0 A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/grndisplay.php, in the grnno parameter. | 6.1 |
2024-01-25 | CVE-2024-23855 | Cross-site Scripting vulnerability in Ajaysharma Cups Easy 1.0 A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/taxcodemodify.php, in multiple parameters. | 6.1 |