Alphabug

**Name of the Vulnerable Software and Affected Versions** itsourcecode POS Point of Sale System version 1.0 **Description** A security issue has been identified in itsourcecode POS Point of Sale System. Manipulation of the `scripts` argument can lead to cross-site scripting. The attack may be performed remotely. The exploit has been disclosed publicly. The affected element is an unknown function within the `/inventory/main/vendors/datatables/unit testing/templates/dymanic table.php` file. **Recommendations** As a temporary workaround, consider restricting access to the `/inventory/main/vendors/datatables/unit testing/templates/dymanic table.php` file until a fix is available.

**Name of the Vulnerable Software and Affected Versions** itsourcecode POS Point of Sale System version 1.0 **Description** A weakness exists in itsourcecode POS Point of Sale System that allows for cross site scripting. The issue is related to the manipulation of the `scripts` argument and impacts an unknown function within the file `/inventory/main/vendors/datatables/unit testing/templates/dom data th.php`. The attack can be carried out remotely. The exploit has been made publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode POS Point of Sale System version 1.0 **Description** A security flaw has been discovered that allows for cross site scripting through the manipulation of the `scripts` argument. The issue affects the processing of the file `/inventory/main/vendors/datatables/unit testing/templates/dom data two headers.php`. The attack can be executed remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode POS Point of Sale System version 1.0 **Description** A cross site scripting issue exists in itsourcecode POS Point of Sale System. The issue is located in an unknown function of the file `/inventory/main/vendors/datatables/unit testing/templates/empty table.php`. Manipulation of the `scripts` argument can trigger the issue, and it is possible to initiate the attack remotely. The exploit is publicly available. **Recommendations** As a temporary workaround, consider restricting access to the file `/inventory/main/vendors/datatables/unit testing/templates/empty table.php` to minimize the risk of exploitation. Avoid using the `scripts` parameter in the affected file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** itsourcecode POS Point of Sale System version 1.0 **Description** A vulnerability exists in itsourcecode POS Point of Sale System that allows for cross site scripting. The vulnerability affects unknown code within the file `/inventory/main/vendors/datatables/unit testing/templates/deferred table.php`. Manipulation of the `scripts` argument can lead to exploitation. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode POS Point of Sale System version 1.0 **Description** A cross-site scripting issue exists in itsourcecode POS Point of Sale System 1.0. Manipulation of the `scripts` argument in the file `/inventory/main/vendors/datatables/unit testing/templates/6776.php` can lead to exploitation. The attack can be launched remotely. **Recommendations** As a temporary workaround, consider restricting access to the file `/inventory/main/vendors/datatables/unit testing/templates/6776.php` until a fix is available. Avoid using the `scripts` parameter in the affected file until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** itsourcecode POS Point of Sale System version 1.0 **Description** A security flaw exists in itsourcecode POS Point of Sale System 1.0. The vulnerability affects unknown code within the `/inventory/main/vendors/datatables/unit testing/templates/complex header 2.php` file. Manipulation of the `scripts` argument can lead to cross-site scripting. The attack can be initiated remotely, and the exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** itsourcecode POS Point of Sale System version 1.0 **Description** A cross site scripting issue exists due to the manipulation of the `scripts` argument. This can be initiated remotely and affects some unknown functionality of the file `/inventory/main/vendors/datatables/unit testing/templates/2512.php`. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the file `/inventory/main/vendors/datatables/unit testing/templates/2512.php` to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** itsourcecode POS Point of Sale System version 1.0 **Description** A cross site scripting issue exists in itsourcecode POS Point of Sale System version 1.0. The vulnerability is located in an unknown functionality of the file `/inventory/main/vendors/datatables/unit testing/templates/-complex header.php`. Manipulation of the `scripts` argument can lead to exploitation. The exploit has been made public. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DeDeCMS versions up to 5.7.112 **Description** A critical vulnerability has been found in DeDeCMS, affecting an unknown function of the file `file class.php` in the Backend component. This vulnerability leads to unrestricted upload and can be exploited remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted about this disclosure but did not respond. **Recommendations** For DeDeCMS versions up to 5.7.112, as a temporary workaround, consider disabling the affected function in the `file class.php` file until a patch is available. Restrict access to the Backend component to minimize the risk of exploitation. Avoid using the vulnerable function in the Backend component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.