Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for SalePro POS by LionCoders
CVE-2025-10776 (GCVE-0-2025-10776)
Vulnerability from nvd – Published: 2025-09-22 01:32 – Updated: 2025-09-22 15:56
VLAI
Title
LionCoders SalePro POS Login cleartext transmission
Summary
A vulnerability was detected in LionCoders SalePro POS up to 5.5.0. This issue affects some unknown processing of the component Login. Performing manipulation results in cleartext transmission of sensitive information. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.325132 | vdb-entry |
| https://vuldb.com/?ctiid.325132 | signaturepermissions-required |
| https://vuldb.com/?submit.650795 | third-party-advisory |
| https://github.com/PlsRevert/CVEs/issues/1 | issue-tracking |
| https://github.com/PlsRevert/CVEs/issues/1#issue-… | exploitissue-tracking |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| LionCoders | SalePro POS |
Affected:
5.0
Affected: 5.1 Affected: 5.2 Affected: 5.3 Affected: 5.4 Affected: 5.5.0 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10776",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-22T15:56:10.671486Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-22T15:56:18.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/PlsRevert/CVEs/issues/1#issue-3398101584"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/PlsRevert/CVEs/issues/1"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Login"
],
"product": "SalePro POS",
"vendor": "LionCoders",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.2"
},
{
"status": "affected",
"version": "5.3"
},
{
"status": "affected",
"version": "5.4"
},
{
"status": "affected",
"version": "5.5.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "JaredLoo (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in LionCoders SalePro POS up to 5.5.0. This issue affects some unknown processing of the component Login. Performing manipulation results in cleartext transmission of sensitive information. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in LionCoders SalePro POS bis 5.5.0 gefunden. Es ist betroffen eine unbekannte Funktion der Komponente Login. Durch Beeinflussen mit unbekannten Daten kann eine cleartext transmission of sensitive information-Schwachstelle ausgenutzt werden. Es ist m\u00f6glich, den Angriff aus der Ferne durchzuf\u00fchren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Die Schwachstelle wurde \u00f6ffentlich offengelegt und k\u00f6nnte ausgenutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-22T01:32:06.266Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-325132 | LionCoders SalePro POS Login cleartext transmission",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.325132"
},
{
"name": "VDB-325132 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.325132"
},
{
"name": "Submit #650795 | LionCoders SalePro POS 5.5.0 Cleartext Transmission of Sensitive Information",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.650795"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/PlsRevert/CVEs/issues/1"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/PlsRevert/CVEs/issues/1#issue-3398101584"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-21T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-21T10:37:53.000Z",
"value": "VulDB entry last update"
}
],
"title": "LionCoders SalePro POS Login cleartext transmission"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10776",
"datePublished": "2025-09-22T01:32:06.266Z",
"dateReserved": "2025-09-21T08:32:45.752Z",
"dateUpdated": "2025-09-22T15:56:18.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10776 (GCVE-0-2025-10776)
Vulnerability from cvelistv5 – Published: 2025-09-22 01:32 – Updated: 2025-09-22 15:56
VLAI
Title
LionCoders SalePro POS Login cleartext transmission
Summary
A vulnerability was detected in LionCoders SalePro POS up to 5.5.0. This issue affects some unknown processing of the component Login. Performing manipulation results in cleartext transmission of sensitive information. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.325132 | vdb-entry |
| https://vuldb.com/?ctiid.325132 | signaturepermissions-required |
| https://vuldb.com/?submit.650795 | third-party-advisory |
| https://github.com/PlsRevert/CVEs/issues/1 | issue-tracking |
| https://github.com/PlsRevert/CVEs/issues/1#issue-… | exploitissue-tracking |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| LionCoders | SalePro POS |
Affected:
5.0
Affected: 5.1 Affected: 5.2 Affected: 5.3 Affected: 5.4 Affected: 5.5.0 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10776",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-22T15:56:10.671486Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-22T15:56:18.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/PlsRevert/CVEs/issues/1#issue-3398101584"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/PlsRevert/CVEs/issues/1"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Login"
],
"product": "SalePro POS",
"vendor": "LionCoders",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.2"
},
{
"status": "affected",
"version": "5.3"
},
{
"status": "affected",
"version": "5.4"
},
{
"status": "affected",
"version": "5.5.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "JaredLoo (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in LionCoders SalePro POS up to 5.5.0. This issue affects some unknown processing of the component Login. Performing manipulation results in cleartext transmission of sensitive information. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in LionCoders SalePro POS bis 5.5.0 gefunden. Es ist betroffen eine unbekannte Funktion der Komponente Login. Durch Beeinflussen mit unbekannten Daten kann eine cleartext transmission of sensitive information-Schwachstelle ausgenutzt werden. Es ist m\u00f6glich, den Angriff aus der Ferne durchzuf\u00fchren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Die Schwachstelle wurde \u00f6ffentlich offengelegt und k\u00f6nnte ausgenutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "Cryptographic Issues",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-22T01:32:06.266Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-325132 | LionCoders SalePro POS Login cleartext transmission",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.325132"
},
{
"name": "VDB-325132 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.325132"
},
{
"name": "Submit #650795 | LionCoders SalePro POS 5.5.0 Cleartext Transmission of Sensitive Information",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.650795"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/PlsRevert/CVEs/issues/1"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/PlsRevert/CVEs/issues/1#issue-3398101584"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-21T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-21T10:37:53.000Z",
"value": "VulDB entry last update"
}
],
"title": "LionCoders SalePro POS Login cleartext transmission"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10776",
"datePublished": "2025-09-22T01:32:06.266Z",
"dateReserved": "2025-09-21T08:32:45.752Z",
"dateUpdated": "2025-09-22T15:56:18.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}