VYPR
Vendor

Phppointofsale

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2025-41011MedApr 21, 2026
    risk 0.40cvss 6.1epss 0.00

    HTML injection vulnerability in PHP Point of Sale v19.4. This vulnerability allows an attacker to render HTML in the victim's browser due to a lack of proper validation of user input by sending a request to '/reports/generate/specific_customer', ussing 'start_date_formatted' y…

  • CVE-2011-3785Sep 24, 2011
    risk 0.00cvss epss 0.01

    PHP Point Of Sale (POS) 10.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files.

  • CVE-2007-1477Mar 16, 2007
    risk 0.00cvss epss 0.01

    Directory traversal vulnerability in index.php in PHP Point Of Sale for osCommerce 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cfg_language parameter. NOTE: this issue has been disputed by CVE, since the cfg_language…