Hungnqdz

**Name of the Vulnerable Software and Affected Versions** OpenSourcePOS version 3.4.1 **Description** The software contains a second order SQL Injection issue in how it handles the `currency symbol` configuration field. The input is stored and later used in a dynamically constructed SQL query without proper sanitization. This allows an attacker who can modify the `currency symbol` value to inject SQL expressions that are executed when the query is processed. The vulnerable configuration field is `currency symbol`. **Recommendations** Apply updates to address the improper handling of the `currency symbol` configuration field.

**Name of the Vulnerable Software and Affected Versions** OpenSourcePOS version 3.4.1 **Description** The application contains a Local File Inclusion (LFI) issue within the `Sales.php::getInvoice()` function. An attacker can potentially read arbitrary files on the web server by manipulating the Invoice Type configuration. This issue may be combined with the file upload functionality to achieve Remote Code Execution (RCE). **Recommendations** Apply updates to address the issue in the `Sales.php::getInvoice()` function.

**Name of the Vulnerable Software and Affected Versions** Monica version 4.1.2 **Description** A Host Header Poisoning issue exists due to improper handling of the HTTP Host header in the file `app/Providers/AppServiceProvider.php`. This is combined with a default misconfiguration where `app.force url` is not set, defaulting to "false". The application constructs absolute URLs, including those in password reset emails, using the user-supplied Host header. This allows attackers to manipulate the password reset link sent to a victim. **Recommendations** Update to a newer version that contains a fix for this vulnerability.