#csrf

An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. POST requests do not require anti-CSRF tokens or other mechanisms for validating that the request is from a legitimate source. In addition, CSRF attacks can be used to send text directly to the RAW printer interface. For example, an attack could deliver a worrisome printout to an end user.

QuickJob version 6.1 suffers from an ignored default credential vulnerability.

Prison Management System version version 1.0 suffers from an ignored default credential vulnerability.

Pharmacy Management System version 1.0 suffers from an ignored default credential vulnerability.

Online Payment Hub System version 1.0 suffers from an ignored default credential vulnerability.

Innue Business Live Chat version 2.5 suffers from an ignored default credential vulnerability.

Multi Store Inventory Management System version 1.0 suffers from an insecure direct object reference vulnerability.

SIM Wisuda version 1.0 suffers from an insecure direct object reference vulnerability.

Webdenim AppUI version 1.0 suffers from an insecure direct object reference vulnerability.

LMS ZAI version 6.1 suffers from an ignored default credential vulnerability.