17 matches found
EUVD-2020-27731
Malware in sbrugna...
EUVD-2020-23336
Malware in sbrugna...
BigProf Online Invoicing System Security Vulnerability
BigProf Online Invoicing System OIS is an online invoicing system. A security vulnerability exists in BigProf Online Invoicing System version 2.6, which originates from a cross-site scripting vulnerability in the FirstRecord parameter of /invoicing/app/invoicesview.php...
BigProf Online Invoicing System Cross-Site Scripting Vulnerability
BigProf Online Invoicing System OIS is an online invoicing system. A cross-site scripting vulnerability exists in BigProf Online Invoicing System version 2.6, which originates from a cross-site scripting vulnerability in the FirstRecord parameter of /invoicing/app/clientsview.php...
BigProf Online Invoicing System Cross-Site Scripting Vulnerability
BigProf Online Invoicing System OIS is an online invoicing system. A cross-site scripting vulnerability exists in BigProf Online Invoicing System version 3.2, which stems from a cross-site scripting vulnerability in the FirstRecord parameter of /inventory/categoriesview.php...
BigProf Online Invoicing System Cross-Site Scripting Vulnerability
BigProf Online Invoicing System OIS is an online invoicing system. A cross-site scripting vulnerability exists in BigProf Online Invoicing System version 2.6, which originates from a cross-site scripting vulnerability in the FirstRecord parameter of /invoicing/app/invoicesview.php...
BigProf Online Invoicing System Cross-Site Scripting Vulnerability
BigProf Online Invoicing System OIS is an online invoicing system. A cross-site scripting vulnerability exists in BigProf Online Inventory Manager version 3.2, which stems from a cross-site scripting vulnerability in the FirstRecord parameter of /inventory/transactionsview.php...
BigProf Online Invoicing System Cross-Site Scripting Vulnerability
BigProf Online Invoicing System OIS is an online invoicing system. A cross-site scripting vulnerability exists in BigProf Online Invoicing System version 3.2, which stems from a cross-site scripting vulnerability in the FirstRecord parameter of /inventory/itemsview.php...
PT-2023-32662 · Unknown · Bigprof Online Invoicing System
Name of the Vulnerable Software and Affected Versions: BigProf Online Invoicing System version 2.6 Description: A vulnerability has been discovered in the system, which does not sufficiently encode user-controlled input, resulting in persistent XSS through the "/inventory/items view.php" API...
PT-2023-32658 · Unknown · Bigprof Online Invoicing System
Name of the Vulnerable Software and Affected Versions: BigProf Online Invoicing System version 2.6 Description: A vulnerability has been discovered in the BigProf Online Invoicing System, which does not sufficiently encode user-controlled input, resulting in persistent XSS through the...
BigProf Online Invoicing System Cross-Site Scripting Vulnerability
BigProf Online Invoicing System OIS is an online invoicing system. A cross-site scripting vulnerability exists in BigProf Online Invoicing System version 2.6, which originates from a cross-site scripting vulnerability in the FirstRecord parameter of /invoicing/app/itemsview.php...
BigProf Online Invoicing System SQL注入漏洞
BigProf Online Invoicing System OIS is an online invoicing system. A security vulnerability exists in the BigProf Online Invoicing System prior to version 2.9, which stems from the presence of an unauthenticated SQL injection, where an unauthenticated attacker is able to send a request containing...
BigProf Online Invoicing System 跨站脚本漏洞
BigProf Online Invoicing System OIS is an online invoicing system. A cross-site scripting vulnerability exists in Online Invoicing System OIS version 4.0, which can be exploited by an attacker to take over an administrative account by extracting a csrf token and sending a password change request,...
PT-2020-17385 · Bigprof · Bigprof Online Invoicing System
Name of the Vulnerable Software and Affected Versions: BigProf Online Invoicing System versions prior to 3.0 Description: The issue concerns a lack of CSRF protection in the "admin/pageTransferOwnership.php" endpoint, allowing an attacker to escalate privileges to Administrator and take over the...
BigProf Online Invoicing System 跨站脚本漏洞
BigProf Online Invoicing System OIS is an easy invoicing tool for small businesses, consultants and freelancers created using AppGini. A cross-site scripting vulnerability exists in app/membershipsignup.php and app/admin/pageViewMembers.php in BigProf Online Invoicing System versions prior to 3.1...
BigProf Online Invoicing System 跨站脚本漏洞
BigProf Online Invoicing System OIS is an easy invoicing tool for small businesses, consultants and freelancers created using AppGini. A stored cross-site scripting vulnerability exists in BigProf Online Invoicing System versions prior to 4.0. The vulnerability stems from the product failing to...
BigProf Online Invoicing System Cross-Site Scripting Vulnerability
BigProf Online Invoicing System OIS is an online invoicing system. A cross-site scripting vulnerability exists in BigProf OIS 2.6 and prior versions. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to...