Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OpenSourcePOS 3.4.1 contains a Local File Inclusion (LFI) vulnerability in the Sales.php::getInvoice() function. An attacker can read arbitrary files on the web server by manipulating the Invoice Type configuration. This issue can be chained with the file upload functionality to achieve Remote Code Execution (RCE).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
opensourcepos 安全漏洞
Vulnerability Description
opensourcepos是opensourcepos开源的一个销售点系统。 opensourcepos 3.4.1版本存在安全漏洞,该漏洞源于Sales.php::getInvoice()函数存在本地文件包含,可能导致读取任意文件或远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A