Lucene search
+L

14 matches found

NVD
NVD
added 2023/11/30 2:15 p.m.25 views

CVE-2023-6435

A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/batchesview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user to...

6.3CVSS0.00388EPSS
Exploits0References1
NVD
NVD
added 2023/11/30 2:15 p.m.21 views

CVE-2023-6428

A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/itemsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user to...

6.3CVSS0.00388EPSS
Exploits0References1
NVD
NVD
added 2023/11/30 2:15 p.m.18 views

CVE-2023-6424

A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/diseasesymptomsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an...

6.3CVSS0.00388EPSS
Exploits0References1
NVD
NVD
added 2023/11/30 2:15 p.m.28 views

CVE-2023-6422

A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/patientsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking use...

6.3CVSS0.00388EPSS
Exploits0References1
Prion
Prion
added 2023/11/30 2:15 p.m.21 views

Design/Logic Flaw

A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/transactionsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user...

4.9CVSS6.1AI score0.00388EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/11/30 2:15 p.m.13 views

Design/Logic Flaw

A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/patientsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking use...

4.9CVSS6.2AI score0.00388EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/11/30 2:15 p.m.15 views

Design/Logic Flaw

A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/batchesview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user to...

4.9CVSS6.1AI score0.00388EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/11/30 2:15 p.m.17 views

Design/Logic Flaw

A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/invoicesview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user...

4.9CVSS6.1AI score0.00388EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/11/30 2:15 p.m.21 views

Design/Logic Flaw

A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/itemsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user to...

4.9CVSS6.1AI score0.00388EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/11/30 1:54 p.m.24 views

CVE-2023-6431 Cross-site Scripting vulnerability in BigProf products

A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/categoriesview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user t...

6.3CVSS6AI score0.00388EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/11/30 1:54 p.m.30 views

CVE-2023-6430 Cross-site Scripting vulnerability in BigProf products

A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/transactionsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user...

6.3CVSS6.1AI score0.00388EPSS
Exploits0References1
OSV
OSV
added 2023/11/30 1:54 p.m.23 views

CVE-2023-6429 Cross-site Scripting vulnerability in BigProf products

A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/clientsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user ...

6.3CVSS6AI score0.00388EPSS
Exploits0References3
OSV
OSV
added 2023/11/30 1:52 p.m.25 views

CVE-2023-6427 Cross-site Scripting vulnerability in BigProf products

A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/invoicesview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user...

6.3CVSS5.9AI score0.00388EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/11/30 1:48 p.m.32 views

CVE-2023-6422 Cross-site Scripting vulnerability in BigProf products

A vulnerability has been discovered in BigProf Online Clinic Management System 2.2, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /clinic/patientsview.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking use...

6.3CVSS6.2AI score0.00388EPSS
Exploits0References1
Rows per page
Query Builder