14 matches found
EUVD-2024-16080
Malicious code in bioql PyPI...
CVE-2024-0495
A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. This vulnerability affects unknown code of the file party_submit.php of the component HTTP POST Request Handler. The manipulation of the argument party_name leads to sql injection. The attack can be initiat...
CVE-2024-0495 Kashipara Billing Software HTTP POST Request party_submit.php sql injection
A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. This vulnerability affects unknown code of the file party_submit.php of the component HTTP POST Request Handler. The manipulation of the argument party_name leads to sql injection. The attack can be initiat...
CVE-2024-0495
The CVE-2024-0495 entries indicate a SQL injection in Kashipara Billing Software 1.0, caused by unsanitized party_name input in party_submit.php (HTTP POST Handler). It is remotely exploitable with publicly disclosed exploit information. Affected component/file: party_submit.php; vulnerable input...
CVE-2024-0284
A vulnerability was found in Kashipara Food Management System up to 1.0. It has been rated as problematic. This issue affects some unknown processing of the file party_submit.php. The manipulation of the argument party_address leads to cross site scripting. The attack may be initiated remotely. The...
Cross site scripting
A vulnerability was found in Kashipara Food Management System up to 1.0. It has been rated as problematic. This issue affects some unknown processing of the file party_submit.php. The manipulation of the argument party_address leads to cross site scripting. The attack may be initiated remotely. The...
CVE-2024-0284 Kashipara Food Management System party_submit.php cross site scripting
A vulnerability was found in Kashipara Food Management System up to 1.0. It has been rated as problematic. This issue affects some unknown processing of the file party_submit.php. The manipulation of the argument party_address leads to cross site scripting. The attack may be initiated remotely. The...
CVE-2024-0284
Kashipara Food Management System (version 1.0) is affected by a Cross-Site Scripting vulnerability in the party_submit.php file via the party_address argument. The vulnerability allows remote initiation and exploitation is publicly disclosed (VDB-249839). The root cause is improper handling/escaping of user-su...
CVE-2024-0284 Kashipara Food Management System party_submit.php cross site scripting
A vulnerability was found in Kashipara Food Management System up to 1.0. It has been rated as problematic. This issue affects some unknown processing of the file party_submit.php. The manipulation of the argument party_address leads to cross site scripting. The attack may be initiated remotely. The...
CVE-2024-0277
A vulnerability classified as critical was found in Kashipara Food Management System up to 1.0. This vulnerability affects unknown code of the file party_submit.php. The manipulation of the argument party_name leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2024-0277
CVE-2024-0277 affects Kashipara Food Management System up to version 1.0. The vulnerability is in the party_submit.php file, where improper handling of the party_name parameter enables a SQL injection. The issue is exploitable remotely and, per sources, the exploit has been disclosed publicly. Im...
CVE-2024-0277 Kashipara Food Management System party_submit.php sql injection
A vulnerability classified as critical was found in Kashipara Food Management System up to 1.0. This vulnerability affects unknown code of the file party_submit.php. The manipulation of the argument party_name leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2024-0277 Kashipara Food Management System party_submit.php sql injection
A vulnerability classified as critical was found in Kashipara Food Management System up to 1.0. This vulnerability affects unknown code of the file party_submit.php. The manipulation of the argument party_name leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2023-49658 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi)
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'bank_details' parameter of the party_submit.php resource does not validate the characters received and they are sent unfiltered to the database...