EUVD-2019-18470

Malware in sbrugna...

EUVD-2025-28820

Malicious code in bioql PyPI...

CVE-2025-9168

A vulnerability was found in SolidInvoice up to 2.4.0. This issue affects some unknown processing of the file /invoice of the component Invoice Creation Module. The manipulation of the argument Client Name results in cross site scripting. The attack may be launched remotely. The exploit has been...

CVE-2025-9168

A vulnerability was found in SolidInvoice up to 2.4.0. This issue affects some unknown processing of the file /invoice of the component Invoice Creation Module. The manipulation of the argument Client Name results in cross site scripting. The attack may be launched remotely. The exploit has been...

CVE-2025-9168

A vulnerability was found in SolidInvoice up to 2.4.0. This issue affects some unknown processing of the file /invoice of the component Invoice Creation Module. The manipulation of the argument Client Name results in cross site scripting. The attack may be launched remotely. The exploit has been...

CVE-2025-9168 SolidInvoice Invoice Creation invoice cross site scripting

A vulnerability was found in SolidInvoice up to 2.4.0. This issue affects some unknown processing of the file /invoice of the component Invoice Creation Module. The manipulation of the argument Client Name results in cross site scripting. The attack may be launched remotely. The exploit has been...

CVE-2025-9168

CVE-2025-9168 affects SolidInvoice up to version 2.4.0 in the Invoice Creation Module. The issue arises from improper processing of the /invoice file, where manipulating the Client Name parameter triggers a stored XSS vulnerability. The attack can be launched remotely, and the exploit has been ma...

CVE-2025-9168 SolidInvoice Invoice Creation invoice cross site scripting

A vulnerability was found in SolidInvoice up to 2.4.0. This issue affects some unknown processing of the file /invoice of the component Invoice Creation Module. The manipulation of the argument Client Name results in cross site scripting. The attack may be launched remotely. The exploit has been...

PT-2025-33879 · Unknown · Solidinvoice

Name of the Vulnerable Software and Affected Versions: SolidInvoice versions prior to 2.4.1 Description: A vulnerability exists in SolidInvoice affecting the Invoice Creation Module. The issue involves an unknown processing of the /invoice file. Manipulation of the Client Name argument results in...

SolidInvoice 代码注入漏洞

SolidInvoice is an invoice solution application from SolidInvoice open source. A code injection vulnerability exists in SolidInvoice version 2.4.0 and earlier, which stems from the incorrect manipulation of the parameter Client Name by file/invoice in the component Invoice Creation Module, leadin...

Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system

💥 BUG Stored xss via client address in invoice 💥 TESTED VERSION latest version as of 01/07/21 💥 STEP TO REPRODUCE 1. From admin account goto http://localhost/online-invoice2/app/admin/pageViewMembers.php and add a new user called user-B with read-write permission in invoice/client module .\ 2...

CVE-2019-9085

Hoteldruid before v2.3.1 allows remote authenticated users to cause a denial of service invoice-creation outage via the nfile parameter to visualizzacontratto.php with invalid arguments any non-numeric value, as demonstrated by the anno=2019&idtransazione=1&numerocontratto=1&nfile=a query string ...

Design/Logic Flaw

Hoteldruid before v2.3.1 allows remote authenticated users to cause a denial of service invoice-creation outage via the nfile parameter to visualizzacontratto.php with invalid arguments any non-numeric value, as demonstrated by the anno=2019&idtransazione=1&numerocontratto=1&nfile=a query string ...

Cross site scripting

Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, which can result in disruption of service and execution of javascript code...

CVE-2017-1000466

Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, which can result in disruption of service and execution of javascript code...

Invoice Ninja Cross-Site Scripting Vulnerability

Invoice Ninja is an open source financial system. The system is able to provide invoicing, collection and other functions. A cross-site scripting vulnerability exists in the invoice creation page in Invoice Ninja version 3.8.1. A remote attacker can exploit this vulnerability to cause a denial of...

NS Download Shop Component SQL Injection Vulnerability in Joomla!

Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other functions. NS Download Shop also known as comnsdownloadshop component is used in one of the download component. A SQL injection...