6 matches found
EUVD-2012-6477
Malware in sbrugna...
CVE-2020-6583
BigProf Online Invoicing System OIS through 2.6 has XSS that can be leveraged for session hijacking. An attacker can exploit the XSS vulnerability, retrieve the session cookie from the administrator login, and take over the administrator account via the Name field in an Add New Client action...
Design/Logic Flaw
BigProf Online Invoicing System OIS through 2.6 has XSS that can be leveraged for session hijacking. An attacker can exploit the XSS vulnerability, retrieve the session cookie from the administrator login, and take over the administrator account via the Name field in an Add New Client action...
CVE-2012-6631
Cross-site request forgery CSRF vulnerability in accounts/admin/index.php in Vessio NetBill 1.2 allows remote attackers to hijack the authentication of administrators for requests that add accounts via a new-client action...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in accounts/admin/index.php in Vessio NetBill 1.2 allows remote attackers to hijack the authentication of administrators for requests that add accounts via a new-client action...
CVE-2012-6631
CVE-2012-6631 describes a Cross-site request forgery (CSRF) in the NetBill 1.2 admin interface. The vulnerability resides in accounts/admin/index.php and can allow an attacker to hijack an administrator’s session to perform actions such as adding new client accounts via the new-client action. Aff...