CVE-2026-12131

A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file \application\controllers\Payroll.php of the component Payroll Invoice Module. This manipulation of the argument ID causes sql injection. Remote exploitatio...

CVE-2021-47769

Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerability in title input fields across stock, customer, and invoice modules. Attackers with privileged user accounts can inject malicious scripts that execute on preview, potentially enabling session hijacking and persistent...

CVE-2021-47769

Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerability in title input fields across stock, customer, and invoice modules. Attackers with privileged user accounts can inject malicious scripts that execute on preview, potentially enabling session hijacking and persistent...

CVE-2021-47769 Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting (XSS)

Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerability in title input fields across stock, customer, and invoice modules. Attackers with privileged user accounts can inject malicious scripts that execute on preview, potentially enabling session hijacking and persistent...

Bdtask Isshue Shopping Cart security vulnerability

Bdtask Isshue Shopping Cart is an e-commerce shopping cart software system developed by the Bangladeshi company Bdtask. Version 3.5 of Bdtask Isshue Shopping Cart contains a security vulnerability. This vulnerability stems from persistent cross-site scripting in the title input fields of the...

PT-2026-3045

Name of the Vulnerable Software and Affected Versions Isshue Shopping Cart version 3.5 Description The software contains a persistent cross-site scripting issue in title input fields within the stock, customer, and invoice modules. An attacker with elevated privileges can inject malicious scripts...

EUVD-2015-4405

Malware in sbrugna...

EUVD-2015-4404

Malware in sbrugna...

EUVD-2025-25248

Malicious code in bioql PyPI...

CVE-2025-9167

A vulnerability has been found in SolidInvoice up to 2.4.0. This vulnerability affects unknown code of the file /invoice/recurring of the component Recurring Invoice Module. The manipulation of the argument client name leads to cross site scripting. The attack may be initiated remotely. The explo...

CVE-2025-9167

A vulnerability has been found in SolidInvoice up to 2.4.0. This vulnerability affects unknown code of the file /invoice/recurring of the component Recurring Invoice Module. The manipulation of the argument client name leads to cross site scripting. The attack may be initiated remotely. The explo...

CVE-2025-9167

A vulnerability has been found in SolidInvoice up to 2.4.0. This vulnerability affects unknown code of the file /invoice/recurring of the component Recurring Invoice Module. The manipulation of the argument client name leads to cross site scripting. The attack may be initiated remotely. The explo...

CVE-2025-9167

CVE-2025-9167 concerns SolidInvoice versions up to 2.4.0, affecting the Recurring Invoice Module’s /invoice/recurring code. The vulnerability is a stored/reflected-like cross-site scripting issue caused by manipulation of the client name argument, leading to script injection with potential remote...

CVE-2025-9167 SolidInvoice Recurring Invoice recurring cross site scripting

A vulnerability has been found in SolidInvoice up to 2.4.0. This vulnerability affects unknown code of the file /invoice/recurring of the component Recurring Invoice Module. The manipulation of the argument client name leads to cross site scripting. The attack may be initiated remotely. The explo...

PT-2025-33865 · Unknown · Solidinvoice

Name of the Vulnerable Software and Affected Versions: SolidInvoice versions prior to 2.4.1 Description: A vulnerability exists in SolidInvoice that allows for cross site scripting. The issue affects unknown code within the /invoice/recurring file of the Recurring Invoice Module. Manipulation of...

CVE-2024-24310

In the module "Generate barcode on invoice / delivery slip" ecgeneratebarcode from Ether Creation = 1.2.0 for PrestaShop, a guest can perform SQL injection...

Critical Persistent Injection Vulnerability in Apple App Store and iTunes

A critical vulnerability has been discovered in the official Apple’s App Store and iTunes Store, affecting millions of Apple users. Vulnerability-Lab Founder and security researcher Benjamin Kunz Mejri discovered an Application-Side input validation web vulnerability that actually resides in the...

Apple iTunes & AppStore - Persistent Store Vulnerability

Document Title: =============== Apple iTunes & AppStore - Persistent Store Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1517 Video View: https://www.youtube.com/watch?v=iPvmrFgvpDQ Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1512 Releas...

Apple iTunes & AppStore - Persistent Store Vulnerability

Document Title: =============== Apple iTunes & AppStore - Persistent Store Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1517 Video View: https://www.youtube.com/watch?v=iPvmrFgvpDQ Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1512 Releas...

CVE-2015-4381

Cross-site scripting XSS vulnerability in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the "Administer own invoices" permission to inject arbitrary web script or HTML via unspecified vectors involving nodes of the "Invoice"...