5 matches found
PT-2024-15611 · Unknown · Kashipara Billing
Name of the Vulnerable Software and Affected Versions: Kashipara Billing Software version 1.0 Description: A critical issue was found in the HTTP POST Request Handler component, specifically in the file material bill.php. The manipulation of the itemtypeid argument leads to SQL injection. This...
Kashipara Billing Software SQL Injection Vulnerability
Kashipara Billing Software is an application from Kashipara India. A SQL injection vulnerability exists in Kashipara Billing Software version 1.0, which stems from a SQL injection vulnerability in the itemtypeid of the materialbill.php file...
CVE-2023-49624
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cancelid' parameter of the materialbill.php resource does not validate the characters received and they are sent unfiltered to the database...
PT-2024-13771 · Billing · Billing
Name of the Vulnerable Software and Affected Versions: Billing Software version 1.0 Description: The issue is related to multiple Unauthenticated SQL Injection vulnerabilities. The 'cancelid' parameter of the "material bill.php" resource does not validate the characters received and they are sent...
Kashipara Billing Software SQL Injection Vulnerability
Kashipara Billing Software is an application from Kashipara India. A SQL injection vulnerability exists in Kashipara Billing Software v1.0, which originates when the itemnameid parameter of the materialbill.php?action=itemRelation page is processed without filtering the data and sent to the...