A vulnerability was identified in 1000 Projects Sales Management System 1.0. This issue affects some unknown processing of the file /superstore/admin/sales.php. The manipulation of the argument ssalescat leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 15 Aug 2025 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 15 Aug 2025 16:45:00 +0000

Type Values Removed Values Added
First Time appeared 1000projects
1000projects sales Management System
CPEs cpe:2.3:a:1000projects:sales_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products 1000projects
1000projects sales Management System

Thu, 14 Aug 2025 06:30:00 +0000

Type Values Removed Values Added
Description A vulnerability was identified in 1000 Projects Sales Management System 1.0. This issue affects some unknown processing of the file /superstore/admin/sales.php. The manipulation of the argument ssalescat leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Title 1000 Projects Sales Management System sales.php cross site scripting
Weaknesses CWE-79
CWE-94
References
Metrics cvssV2_0

{'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-08-15T21:38:30.012Z

Reserved: 2025-08-13T11:54:00.977Z

Link: CVE-2025-8933

cve-icon Vulnrichment

Updated: 2025-08-15T21:38:21.775Z

cve-icon NVD

Status : Analyzed

Published: 2025-08-14T04:15:56.740

Modified: 2025-09-25T20:29:29.370

Link: CVE-2025-8933

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.