CNNVD-202602-2284 Information

CNNVD ID

CNNVD-202602-2284

Related CVE

CVE-2025-70093

• CNNVD Published: 2026-02-13

Description (Chinese)

opensourcepos是opensourcepos开源的一个销售点系统。 opensourcepos 3.4.1版本存在安全漏洞，该漏洞源于处理特制AJAX响应不当，可能导致执行任意代码。

Description (English)

Opensourcepos is an open-source marketing point system. There is a security loophole in version 3.4.1 of the opensourcepos, which stems from an inappropriate response to the ad hoc AJAX, which could lead to the enforcement of arbitrary codes.

Vulnerability Type

其他

Affected Vendor

opensourcepos

Published

2026-02-13

Last Modified

2026-02-24

References

https://github.com/hungnqdz/cve-research/blob/main/CVE-2025-70093.md https://github.com/opensourcepos/opensourcepos/pull/4357 https://www.opensourcepos.org

Patch

https://github.com/opensourcepos/opensourcepos/releases