Nixon-H

**Name of the Vulnerable Software and Affected Versions** detronetdip E-commerce version 1.0.0 **Description** A security flaw exists in detronetdip E-commerce 1.0.0, specifically within the `Delete/Update` function of the Product Management Module. Manipulation of the `ID` argument can lead to authorization bypass. Remote exploitation is possible, and the exploit has been publicly released. The project was notified of the issue but has not yet responded. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** detronetdip E-commerce version 1.0.0 **Description** A weakness exists in detronetdip E-commerce 1.0.0 that could allow for cross site scripting. This is due to a manipulation affecting the `get safe value` function within the `utility/function.php` file. The attack can be executed remotely. The exploit has been made publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** detronetdip E-commerce version 1.0.0 **Description** A security flaw exists in detronetdip E-commerce 1.0.0 related to unrestricted file upload. The issue affects the processing of the file `/seller/assets/backend/profile/addadhar.php`. Manipulation of the `File` argument allows for unrestricted upload. Remote exploitation is possible, and the exploit has been publicly released. The project maintainers were informed of the issue but have not responded. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** detronetdip E-commerce version 1.0.0 **Description** A weakness exists in detronetdip E-commerce 1.0.0 related to account creation. A manipulation of the `email` argument within an unknown function of the file `/Admin/assets/backend/seller/add seller.php` can lead to missing authentication. This issue can be exploited remotely. The exploit has been publicly released. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open Source Point of Sale versions 3.4.0 through 3.4.1 **Description** Open Source Point of Sale is a web-based point of sale application written in PHP using the CodeIgniter framework. A Stored Cross-Site Scripting (XSS) issue exists in the "Return Policy" configuration field in versions 3.4.0 through 3.4.1. The application does not properly sanitize user input before saving it to the database or displaying it on receipts. An attacker with access to the "Store Configuration" can inject malicious JavaScript payloads into this field. These payloads are executed in the browser of any user when they view a receipt or complete a transaction, potentially leading to session hijacking or theft of sensitive data. The vulnerability is due to a lack of proper output escaping when displaying the "Return Policy" field on receipts. **Recommendations** Update to version 3.4.2, which includes a fix that escapes the output using the `esc()` function in the receipt template. As a temporary mitigation, ensure the "Return Policy" field contains only plain text and avoid entering any HTML tags.

**Name of the Vulnerable Software and Affected Versions** Open Source Point of Sale versions 3.4.0 through 3.4.1 **Description** Open Source Point of Sale is a web based point of sale application written in PHP using the CodeIgniter framework. Versions 3.4.0 through 3.4.1 have a Cross-Site Request Forgery (CSRF) issue because the CSRF protection mechanism was explicitly disabled. This allows an unauthenticated remote attacker to create a malicious web page that, when visited by a logged-in administrator, forces the browser to send unauthorized requests to the application. A successful exploit allows the attacker to create a new Administrator account with full privileges, leading to a complete system takeover. The vulnerability is related to the configuration of the CSRF filter in `app/Config/Filters.php`. **Recommendations** Versions 3.4.0 and 3.4.1 should be updated to version 3.4.2. As a temporary workaround, administrators can manually re-enable the CSRF filter in `app/Config/Filters.php` by uncommenting the protection line, but this is not recommended without applying the full patch due to potential functionality breakage in the Sales module.