Approved changes feed: RSS · Atom

cpe:2.3:a:ajaysharma:cups_easy:1.0:*:*:*:*:*:*:*

part: a version: 1.0 update: *

VendorAjaysharma (5b887dd0-8433-5366-9570-f00324d583dc)
ProductCups Easy (97756449-92ce-5daf-a38a-43e2f5031b29)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:sourceforge/cupseasy purl2cpe 2026-06-01 10:14:21.445839

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-23896 vulnerable 2026-06-08 06:29:40.815994 Cross-Site Scripting (XSS) vulnerability in Cups Easy
HIGH (8.2)
A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/stock.php, in the batchno parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.
Published: 2024-01-26T10:18:48.981Z
Updated: 2025-05-29T15:13:06.184Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23895 vulnerable 2026-06-08 06:29:40.815337 Cross-Site Scripting (XSS) vulnerability in Cups Easy
HIGH (8.2)
A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/locationcreate.php, in the locationid parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.
Published: 2024-02-02T09:18:59.384Z
Updated: 2024-08-01T23:13:08.578Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23894 vulnerable 2026-06-08 06:29:40.814566 Cross-Site Scripting (XSS) vulnerability in Cups Easy
HIGH (8.2)
A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/stockissuancecreate.php, in the issuancedate parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.
Published: 2024-01-26T10:18:03.947Z
Updated: 2025-05-29T15:13:12.890Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23893 vulnerable 2026-06-08 06:29:40.814074 Cross-Site Scripting (XSS) vulnerability in Cups Easy
HIGH (8.2)
A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/costcentermodify.php, in the costcenterid parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.
Published: 2024-01-26T10:17:45.900Z
Updated: 2025-05-29T15:13:20.020Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23892 vulnerable 2026-06-08 06:29:40.813456 Cross-Site Scripting (XSS) vulnerability in Cups Easy
HIGH (8.2)
A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/costcentercreate.php, in the costcenterid parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.
Published: 2024-01-26T10:17:19.018Z
Updated: 2025-05-29T15:13:26.485Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23891 vulnerable 2026-06-08 06:29:40.812959 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23890 vulnerable 2026-06-08 06:29:40.812415 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23889 vulnerable 2026-06-08 06:29:40.811837 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23888 vulnerable 2026-06-08 06:29:40.811412 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23887 vulnerable 2026-06-08 06:29:40.810895 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23886 vulnerable 2026-06-08 06:29:40.810268 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23885 vulnerable 2026-06-08 06:29:40.809701 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23884 vulnerable 2026-06-08 06:29:40.809149 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23883 vulnerable 2026-06-08 06:29:40.808741 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23882 vulnerable 2026-06-08 06:29:40.808312 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23881 vulnerable 2026-06-08 06:29:40.807914 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23880 vulnerable 2026-06-08 06:29:40.807415 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23879 vulnerable 2026-06-08 06:29:40.806617 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23878 vulnerable 2026-06-08 06:29:40.806062 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23877 vulnerable 2026-06-08 06:29:40.805671 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23876 vulnerable 2026-06-08 06:29:40.805255 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23875 vulnerable 2026-06-08 06:29:40.804849 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23874 vulnerable 2026-06-08 06:29:40.804440 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23873 vulnerable 2026-06-08 06:29:40.803848 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23872 vulnerable 2026-06-08 06:29:40.803299 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23871 vulnerable 2026-06-08 06:29:40.802694 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23870 vulnerable 2026-06-08 06:29:40.802088 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23869 vulnerable 2026-06-08 06:29:40.801533 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23868 vulnerable 2026-06-08 06:29:40.801059 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23867 vulnerable 2026-06-08 06:29:40.800373 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23866 vulnerable 2026-06-08 06:29:40.799732 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23865 vulnerable 2026-06-08 06:29:40.799069 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23864 vulnerable 2026-06-08 06:29:40.798495 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23863 vulnerable 2026-06-08 06:29:40.798002 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23862 vulnerable 2026-06-08 06:29:40.797370 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23861 vulnerable 2026-06-08 06:29:40.796901 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23860 vulnerable 2026-06-08 06:29:40.796402 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23859 vulnerable 2026-06-08 06:29:40.795742 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23858 vulnerable 2026-06-08 06:29:40.794924 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23857 vulnerable 2026-06-08 06:29:40.781308 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23856 vulnerable 2026-06-08 06:29:40.780644 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-23855 vulnerable 2026-06-08 06:29:40.780026 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.