CVE-2023-36347
HIGH NUCLEIPOS Codekop v2.0 - Auth Bypass
Title source: llmDescription
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data.
Nuclei Templates (1)
POS Codekop v2.0 - Broken Authentication
HIGHby princechaddha
Scores
CVSS v3
7.5
EPSS
0.8448
EPSS Percentile
99.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-306
Status
published
Products (1)
codekop/codekop
2.0
Published
Jun 30, 2023
Tracked Since
Feb 18, 2026