3 matches found
CVE-2023-49666
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'custmerdetails' parameter of the submitmateriallist.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49666 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'custmerdetails' parameter of the submitmateriallist.php resource does not validate the characters received and they are sent unfiltered to the database...
CVE-2023-49666
CVE-2023-49666 affects Billing Software v1.0, where the parameter custmer_details (note the spelling) in submit_material_list.php is not validating input and sends unfiltered to the database, enabling unauthenticated SQL Injection. The issue is due to insufficient input validation in that paramet...