Lucene search
K

5 matches found

NVD
NVD
added 2026/06/15 2:16 p.m.12 views

CVE-2019-25746

WordPress Sliced Invoices 3.8.2 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send requests to the admin.php endpoint with action=duplicatequoteinvoice and...

7.1CVSS0.00226EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/15 12:0 p.m.10 views

EUVD-2019-20182

WordPress Sliced Invoices 3.8.2 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send requests to the admin.php endpoint with action=duplicatequoteinvoice and...

7.1CVSS5.7AI score0.00226EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/15 12:0 p.m.6 views

CVE-2019-25746 WordPress Sliced Invoices 3.8.2 SQL Injection via post Parameter

WordPress Sliced Invoices 3.8.2 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send requests to the admin.php endpoint with action=duplicatequoteinvoice and...

7.1CVSS5.7AI score0.00226EPSS
Exploits0References4
CVE
CVE
added 2026/06/15 12:0 p.m.11 views

CVE-2019-25746

WordPress Sliced Invoices 3.8.2 contains an authenticated SQL injection vulnerability exploitable via the post parameter. Attackers can target admin.php with action=duplicate_quote_invoice and malicious post values to extract data or modify data. Evidence: authenticated, low-privilege requirement...

7.1CVSS5.8AI score0.00226EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.17 views

PT-2026-49225

WordPress Sliced Invoices 3.8.2 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'post' parameter. Attackers can send requests to the admin.php endpoint with action=duplicate quote invoice an...

7.1CVSS5.7AI score0.00226EPSS
Exploits0References5
Rows per page
Query Builder