from 0, < 2022.08
from 0, < 2022.06
HIGH8.0FacturaScripts has Stored Cross-Site Scripting (XSS) in "Observations" field via History View
from 0, <= 2025.71
HIGH7.2FacturaScripts Vulnerable to Remote Code Execution (RCE) via Zip Slip in Plugin Upload Mechanism
from 0, <= 2025.71
MEDIUM6.5FacturaScripts Vulnerable to Unstripped Image Metadata (EXIF) Leakage via Library Module File Upload/Download
from 0, <= 2025.81
MEDIUM6.5Cross-site Scripting in FacturaScripts
from 0, <= 2022.08
MEDIUM6.3FacturaScripts Vulnerable to Authenticated Remote Code Execution (RCE) via GIF Image Upload in Product Images
from 0, <= 2025.81
MEDIUM6.1Cross site scripting in facturascripts
from 0, < 2022.06
MEDIUM6.1Cross-site Scripting in facturascripts
from 0, < 2022.08
MEDIUM6.1Cross-site Scripting in FacturaScripts
from 0, < 2022.07
MEDIUM5.4FacturaScripts vulnerable to stored XSS via product reference in sales/purchases
from 0, <= 2025.92
MEDIUM5.4FacturaScripts is Vulnerable to Reflected XSS
from 0, < 2025.81
MEDIUM5.4Cross-site Scripting in FacturaScripts
from 0, < 2022.06
MEDIUM5.4Cross-site Scripting in FacturaScripts
from 0, <= 2022.08
MEDIUM5.3FacturaScripts Vulnerable to Unauthenticated phpinfo() Disclosure via Installer Endpoint
>= 2026, <= 2026.1
MEDIUM4.3FacturaScripts has Insecure Parameter Handling: Unauthorized Modification of Immutable 'nick' Field
from 0, <= 2024.92.x-dev
LOW3.9FacturaScripts vulnerable to Reflected Cross-Site Scripting (XSS) via Cookie Manipulation
from 0, <= 2025.71
—FacturaScripts has SQL Injection in Autocomplete Actions
from 0, < 2025.81
—FacturaScripts has SQL Injection in API ORDER BY Clause
from 0, < 2025.81
—FacturaScripts is Vulnerable to Stored Cross-Site Scripting (XSS) via XML File Upload
from 0, < 2025.7