pkg:Packagist/facturascripts/facturascripts
共 20 筆 CVECRITICAL2HIGH2MEDIUM12LOW1
✅ 檢查你的版本
所有已知漏洞
- from 0, < 2022.08
- from 0, < 2022.06
- HIGH8.0CVE-2026-23997FacturaScripts has Stored Cross-Site Scripting (XSS) in "Observations" field via History Viewfrom 0, <= 2025.71
- HIGH7.2CVE-2026-27891FacturaScripts Vulnerable to Remote Code Execution (RCE) via Zip Slip in Plugin Upload Mechanismfrom 0, <= 2025.71
- MEDIUM6.5CVE-2026-27892FacturaScripts Vulnerable to Unstripped Image Metadata (EXIF) Leakage via Library Module File Upload/Downloadfrom 0, <= 2025.81
- from 0, <= 2022.08
- MEDIUM6.3CVE-2026-42879FacturaScripts Vulnerable to Authenticated Remote Code Execution (RCE) via GIF Image Upload in Product Imagesfrom 0, <= 2025.81
- from 0, < 2022.06
- from 0, < 2022.08
- from 0, < 2022.07
- MEDIUM5.4CVE-2026-42877FacturaScripts vulnerable to stored XSS via product reference in sales/purchasesfrom 0, <= 2025.92
- from 0, < 2025.81
- from 0, < 2022.06
- from 0, <= 2022.08
- MEDIUM5.3CVE-2026-42878FacturaScripts Vulnerable to Unauthenticated phpinfo() Disclosure via Installer Endpoint>= 2026, <= 2026.1
- MEDIUM4.3CVE-2026-32699FacturaScripts has Insecure Parameter Handling: Unauthorized Modification of Immutable 'nick' Fieldfrom 0, <= 2024.92.x-dev
- LOW3.9CVE-2026-27964FacturaScripts vulnerable to Reflected Cross-Site Scripting (XSS) via Cookie Manipulationfrom 0, <= 2025.71
- from 0, < 2025.81
- from 0, < 2025.81
- —CVE-2025-69210FacturaScripts is Vulnerable to Stored Cross-Site Scripting (XSS) via XML File Uploadfrom 0, < 2025.7