Every CVE whose affected-product data names Wallaceit Wallacepos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2019-3959 — CVSS 8.8 (high): Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacker to perform sensitive application actions by tricking legitimate…
CVE-2019-3960 — CVSS 7.2 (high): Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by…
CVE-2017-7388 — CVSS 6.1 (medium): A Cross-Site Scripting (XSS) was discovered in 'wallacepos v1.4.1'. The vulnerability exists due to insufficient filtration of…
CVE-2019-3958 — CVSS 5.4 (medium): Insufficient output sanitization in WallacePOS 1.4.3 allows a remote, authenticated attacker to conduct persistent cross-site scripting…