Lucene search
K

6 matches found

redhatcve
redhatcve
added 2026/01/09 8:59 a.m.14 views

CVE-2023-49639

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'customerdetails' parameter of the buyerinvoicesubmit.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS8.3AI score0.00672EPSS
Exploits1References1
circl
circl
added 2024/01/04 3:21 p.m.8 views

CVE-2023-49639

creationtimestamp| type| source ---|---|--- 2024-01-04 15:21:42+00:00| seen| https://t.me/ctinow/163041 2024-01-05 01:33:35+00:00| seen| https://t.me/cibsecurity/74410 2024-01-06 12:05:46+00:00| seen| https://t.me/arpsyndicate/2530...

9.8CVSS8.7AI score0.00672EPSS
Exploits1References3
nvd
nvd
added 2024/01/04 2:15 p.m.21 views

CVE-2023-49639

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'customerdetails' parameter of the buyerinvoicesubmit.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS10AI score0.00672EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2024/01/04 1:57 p.m.4 views

CVE-2023-49639 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'customerdetails' parameter of the buyerinvoicesubmit.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS10AI score0.00672EPSS
Exploits1References2
cve
cve
added 2024/01/04 1:57 p.m.44 views

CVE-2023-49639

The CVE-2023-49639 issue affects Billing Software v1.0, where the vulnerable component is the customer_details parameter of buyer_invoice_submit.php. The root cause is lack of input validation, allowing unauthenticated SQL Injection by sending unfiltered data to the database. Documented impact is...

9.8CVSS9.9AI score0.00672EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2024/01/04 1:57 p.m.28 views

CVE-2023-49639 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'customerdetails' parameter of the buyerinvoicesubmit.php resource does not validate the characters received and they are sent unfiltered to the database...

9.8CVSS10AI score0.00672EPSS
Exploits1References2
Rows per page
Query Builder