Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

Prion
Prionadded 2012/08/26 3:17 a.m.15 views

Sql injection

SQL injection vulnerability in application/controllers/invoice.php in NeoInvoice might allow remote attackers to execute arbitrary SQL commands via vectors involving the sortcol variable in the listitems function, a different vulnerability than CVE-2012-3477...

7.5CVSS8.7AI score0.01318EPSS
Exploits3References3
Cvelist
Cvelistadded 2012/08/26 1:0 a.m.25 views

CVE-2012-3477

SQL injection vulnerability in signupcheck.php in NeoInvoice allows remote attackers to execute arbitrary SQL commands via the value parameter in a username action...

8.1AI score0.01199EPSS
Exploits2References2
CVE
CVEadded 2012/08/26 1:0 a.m.43 views

CVE-2012-3477

CVE-2012-3477 affects NeoInvoice via an unauthenticated blind SQL injection in signup_check.php where the value parameter of the username action is concatenated into an SQL query. The vulnerability allows remote attackers to run arbitrary SQL commands; the PoC shows a value parameter crafted to t...

7.5CVSS8.4AI score0.01199EPSS
Exploits2References2Affected Software1
Packet Storm
Packet Stormadded 2012/08/12 12:0 a.m.29 views

NeoInvoice Blind SQL Injection

NeoInvoice is a multi-tenant open source invoicing system, that currently contains an unauthenticated blind SQL injection condition in signupcheck.php. The input for the value field isn't being properly sanitized, and is used in string concatenation to create the SQL query. See here for the...

7.5CVSS0.3AI score0.01199EPSS
Exploits2
Rows per page
Query Builder