J-Fy2767/CVE

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-12292 ↗	Oct 27, 2025Monday, 27 October 2025, 16:15	7.3 HIGH	7.5 HIGH
A vulnerability was determined in SourceCodester Point of Sales 1.0. This vulnerability affects unknown code of the file /index.php. This manipulation of the argument Username causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2025-12293 ↗	Oct 27, 2025Monday, 27 October 2025, 16:15	7.3 HIGH	7.5 HIGH
A vulnerability was identified in SourceCodester Point of Sales 1.0. This issue affects some unknown processing of the file /category.php. Such manipulation of the argument Category leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
CVE-2025-12294 ↗	Oct 27, 2025Monday, 27 October 2025, 16:15	4.7 MEDIUM	5.8 MEDIUM
A security flaw has been discovered in SourceCodester Point of Sales 1.0. Impacted is an unknown function of the file /delete_category.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited.