4 matches found
EasyService Billing 1.0 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications history.pushState'', '', '/' form action="http://test.com/EasyServiceBilling/quotation-new3-new2.php?add=true&id=139" method="P...
EasyService Billing 1.0 - Cross-Site Request Forgery
EasyService Billing 1.0 - Cross-Site Request Forgery history.pushState'', '', '/' input typ...
EasyService Billing 1.0 - Cross-Site Request Forgery
history.pushState'', '', '/' input type="hidden" nam...
CVE-2018-11445
CVE-2018-11445: EasyService Billing 1.0 has a CSRF vulnerability in the User Add/System Settings page (system-settings-user-new2.php) that allows a user to be added with the Admin role. Exploitation is evidenced by multiple connected records (Exploit-DB entry and CNVD/CVE mirrors) describing a CS...