PT-2025-35248

Name of the Vulnerable Software and Affected Versions: SolidInvoice versions prior to 2.3.8 Description: SolidInvoice is susceptible to a Cross Site Scripting XSS issue within the Tax Rate functionality. Recommendations: Update to version 2.3.8 or later...

Exploit for CVE-2025-55580

CVE-2025-55580 - SolidInvoice Stored Cross-Site Scripting XSS...

CVE-2025-9171

A security flaw has been discovered in SolidInvoice up to 2.4.0. The impacted element is an unknown function of the file /clients of the component Clients Module. Performing manipulation of the argument Name results in cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2025-9169

A vulnerability was determined in SolidInvoice up to 2.4.0. Impacted is an unknown function of the file /quotes of the component Quote Module. This manipulation of the argument Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

CVE-2025-9170

A vulnerability was identified in SolidInvoice up to 2.4.0. The affected element is an unknown function of the file /tax/rates of the component Tax Rates Module. Such manipulation of the argument Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly...

CVE-2025-9168

A vulnerability was found in SolidInvoice up to 2.4.0. This issue affects some unknown processing of the file /invoice of the component Invoice Creation Module. The manipulation of the argument Client Name results in cross site scripting. The attack may be launched remotely. The exploit has been...

CVE-2025-9167

A vulnerability has been found in SolidInvoice up to 2.4.0. This vulnerability affects unknown code of the file /invoice/recurring of the component Recurring Invoice Module. The manipulation of the argument client name leads to cross site scripting. The attack may be initiated remotely. The explo...

CVE-2025-9171

A security flaw has been discovered in SolidInvoice up to 2.4.0. The impacted element is an unknown function of the file /clients of the component Clients Module. Performing manipulation of the argument Name results in cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2025-9171

A security flaw has been discovered in SolidInvoice up to 2.4.0. The impacted element is an unknown function of the file /clients of the component Clients Module. Performing manipulation of the argument Name results in cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2025-9171 SolidInvoice Clients clients cross site scripting

A security flaw has been discovered in SolidInvoice up to 2.4.0. The impacted element is an unknown function of the file /clients of the component Clients Module. Performing manipulation of the argument Name results in cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2025-9171

SolidInvoice

CVE-2025-9171 SolidInvoice Clients clients cross site scripting

A security flaw has been discovered in SolidInvoice up to 2.4.0. The impacted element is an unknown function of the file /clients of the component Clients Module. Performing manipulation of the argument Name results in cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2025-9169

A vulnerability was determined in SolidInvoice up to 2.4.0. Impacted is an unknown function of the file /quotes of the component Quote Module. This manipulation of the argument Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

CVE-2025-9170

A vulnerability was identified in SolidInvoice up to 2.4.0. The affected element is an unknown function of the file /tax/rates of the component Tax Rates Module. Such manipulation of the argument Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly...

CVE-2025-9170

A vulnerability was identified in SolidInvoice up to 2.4.0. The affected element is an unknown function of the file /tax/rates of the component Tax Rates Module. Such manipulation of the argument Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly...

CVE-2025-9169

A vulnerability was determined in SolidInvoice up to 2.4.0. Impacted is an unknown function of the file /quotes of the component Quote Module. This manipulation of the argument Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed...

CVE-2025-9170 SolidInvoice Tax Rates rates cross site scripting

A vulnerability was identified in SolidInvoice up to 2.4.0. The affected element is an unknown function of the file /tax/rates of the component Tax Rates Module. Such manipulation of the argument Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly...

CVE-2025-9170 SolidInvoice Tax Rates rates cross site scripting

A vulnerability was identified in SolidInvoice up to 2.4.0. The affected element is an unknown function of the file /tax/rates of the component Tax Rates Module. Such manipulation of the argument Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly...

CVE-2025-9170

SolidInvoice up to 2.4.0 has a cross-site scripting vulnerability in the Tax Rates Module, affecting an unknown function in /tax/rates where manipulating the Name parameter enables remote exploitation. Public PoC/exploitation steps are linked in multiple sources. Remediation provided in connected...

CVE-2025-9169

SolidInvoice contains a stored cross-site scripting vulnerability in the Quote Module. Affects versions up to 2.4.0 (prior to 2.4.1 as remediation guidance). The issue lies in the /quotes file, where manipulating the Name argument can trigger XSS. Remote exploitation is possible and the exploit h...