A weakness has been identified in code-projects POS Pharmacy System 1.0. Affected is an unknown function of the file /main/products.php. This manipulation of the argument product_code/gen_name/product_name/supplier causes cross site scripting. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
History

Thu, 04 Sep 2025 13:15:00 +0000

Type Values Removed Values Added
First Time appeared Code-projects
Code-projects pharmacy Management System
Vendors & Products Code-projects
Code-projects pharmacy Management System

Wed, 03 Sep 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 03 Sep 2025 17:15:00 +0000

Type Values Removed Values Added
Description A weakness has been identified in code-projects POS Pharmacy System 1.0. Affected is an unknown function of the file /main/products.php. This manipulation of the argument product_code/gen_name/product_name/supplier causes cross site scripting. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
Title code-projects POS Pharmacy System products.php cross site scripting
Weaknesses CWE-79
CWE-94
References
Metrics cvssV2_0

{'score': 3.3, 'vector': 'AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 2.4, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 2.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 4.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-09-03T18:48:53.796Z

Reserved: 2025-09-03T11:11:07.764Z

Link: CVE-2025-9921

cve-icon Vulnrichment

Updated: 2025-09-03T18:48:45.941Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-09-03T17:15:35.240

Modified: 2025-09-04T15:35:29.497

Link: CVE-2025-9921

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-09-04T13:12:17Z