CVE-2022-48324

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-48324

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48324.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-48324

Published

2023-02-16T21:15:14.023Z

Modified

2026-04-10T04:53:04.383487Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: (1) pesquisa, (2) data, (3) data2, (4) nome, (5) descricao, (6) idDocumentos, (7) id in file application/controllers/Arquivos.php; (8) senha, (9) nomeCliente, (10) contato, (11) documento, (12) telefone, (13) celular, (14) email, (15) rua, (16) numero, (17) complemento, (18) bairro, (19) cidade, (20) estado, (21) cep, (22) idClientes, (23) id in file application/controllers/Clientes.php; (24) id, (25) tipo, (26) formapagamento, (27) gatewaydepagamento, (28) excluirid, (29) confirmaid, (30) cancelaid in file application/controllers/Cobrancas.php; (31) vencimentode, (32) vencimentoate, (33) cliente, (34) tipo, (35) status, (36) valordesconto, (37) desconto, (38) periodo, (39) perpage, (40) urlAtual, (41) vencimento, (42) recebimento, (43) valor, (44) recebido, (45) formaPgto, (46) descontoparc, (47) entrada, (48) qtdparcelasparc, (49) valorparc, (50) diapgto, (51) diabasepgto, (52) comissao, (53) descricaoparc, (54) clienteparc, (55) observacoesparc, (56) formaPgtoparc, (57) tipoparc, (58) pagamento, (59) pago, (60) valordesconto_editar, (61) descricao, (62) fornecedor, (63) observacoes, (64) id in file application/controllers/Financeiro.php; (65) refGarantia, (66) textoGarantia, (67) idGarantias in file application/controllers/Garantias.php; (68) email, (69) senha in file application/controllers/Login.php.

References

Affected packages

Git / github.com/ramonsilva20/mapos

Affected ranges

Type

GIT

Repo

https://github.com/ramonsilva20/mapos

Events

Introduced

Last affected

efb2b5fa0a05e94229e0c2fb426a292d4bfe4749

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.39.0"
        }
    ]
}

Affected versions

v2.*

v2.6.4

v3.*

v3.1.11

v3.1.5

v3.10.0

Other

v4.*

v4.1.0

v4.1.1

v4.1.2

v4.10.0

v4.11.0

v4.11.1

v4.11.2

v4.12.0

v4.13.1

v4.13.2

v4.14.0

v4.14.1

v4.15.0

v4.15.1

v4.16.0

v4.17.0

v4.17.1

v4.18.0

v4.19.0

v4.2.0

v4.2.1

v4.2.2

v4.20.0

v4.20.1

v4.20.2

v4.21.0

v4.22.0

v4.23.0

v4.24.0

v4.25.0

v4.25.1

v4.26.0

v4.26.2

v4.27.0

v4.28.0

v4.29.0

v4.3

v4.30.0

v4.30.1

v4.30.2

v4.30.3

v4.31.0

v4.31.1

v4.32.0

v4.32.1

v4.33.0

v4.33.1

v4.34.0

v4.35.0

v4.35.1

v4.36.1

v4.36.2

v4.37.0

v4.38.0

v4.39.0

v4.4.0

v4.4.1

v4.5.0

v4.5.1

v4.5.2

v4.5.3

v4.5.4

v4.6.0

v4.6.1

v4.6.2

v4.7.0

v4.7.1

v4.7.4

v4.7.5

v4.8.0

v4.8.1

v4.8.2

v4.8.3

v4.9.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48324.json"