Lucene search
K

27 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2007-1338

Malware in sbrugna...

5CVSS6.4AI score0.01245EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-3415

Malware in sbrugna...

7.5CVSS6.4AI score0.01195EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-17870

Malware in sbrugna...

8.8CVSS8.8AI score0.00718EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-0784

Malware in sbrugna...

6.8CVSS6.4AI score0.01736EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/22 6:54 a.m.9 views

CVE-2017-8930

Multiple cross-site request forgery CSRF vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can 1 create new administrator user accounts and take over the entire application, 2 create regular user accounts, or 3 change...

8.8CVSS7.7AI score0.00718EPSS
Exploits0References1
CNVD
CNVD
added 2017/05/19 12:0 a.m.2 views

Multiple Cross-Site Request Forgery Vulnerabilities in Simple Invoices

Simple Invoices is an open source, free web-based invoicing system. Three cross-site request forgery vulnerabilities exist in Simple Invoices version 2013.1.beta.8. A remote attacker can use these vulnerabilities to create a new administrator user account and take control of the entire applicatio...

8.8CVSS7.2AI score0.00718EPSS
Exploits0References1
Prion
Prion
added 2017/05/14 10:29 p.m.16 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can 1 create new administrator user accounts and take over the entire application, 2 create regular user accounts, or 3 change...

6.8CVSS9.1AI score0.00718EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/05/14 10:29 p.m.1 views

CVE-2017-8930

Multiple cross-site request forgery CSRF vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can 1 create new administrator user accounts and take over the entire application, 2 create regular user accounts, or 3 change...

8.8CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2017/05/14 10:29 p.m.19 views

CVE-2017-8930

Multiple cross-site request forgery CSRF vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can 1 create new administrator user accounts and take over the entire application, 2 create regular user accounts, or 3 change...

8.8CVSS9.1AI score0.00718EPSS
Exploits0References1
CVE
CVE
added 2017/05/14 10:0 p.m.43 views

CVE-2017-8930

CVE-2017-8930 refers to multiple CSRF vulnerabilities in the open-source Simple Invoices 2013.1.beta.8. The issues allow remote attackers to hijack admin authentication and perform privileged actions, including: creating new administrator accounts and taking over the application, creating regular...

8.8CVSS9AI score0.00718EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2012/12/11 12:0 a.m.32 views

Simple Invoices Multiple XSS Vulnerabilities

Simple Invoices is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6AI score0.01319EPSS
Exploits2References5
NVD
NVD
added 2007/06/27 12:30 a.m.14 views

CVE-2007-3430

SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action...

7.5CVSS8.4AI score0.01195EPSS
Exploits1References6
Prion
Prion
added 2007/06/27 12:30 a.m.13 views

Sql injection

SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action...

7.5CVSS9.1AI score0.01195EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2007/06/27 12:0 a.m.43 views

CVE-2007-3430

CVE-2007-3430 describes an SQL injection vulnerability in index.php of Simple Invoices 2007 (dated 2007-05-25). The vulnerability allows remote attackers to execute arbitrary SQL commands via the submit parameter used in an email action. The available references indicate a remote, unauthenticated...

7.5CVSS8.4AI score0.01195EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2007/06/27 12:0 a.m.19 views

CVE-2007-3430

SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action...

8.4AI score0.01195EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2007/06/26 12:0 a.m.29 views

si2007-sql.txt

Homepage: http://devilteam.eu/ 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/06/26 12:0 a.m.25 views

Simple Invoices Index.PHP SQL注入漏洞

Simple Invoices是一款基于PHP的WEB应用程序。 Simple Invoices不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击获得敏感信息。 问题是由于'index.php'脚本对用户提交的WEB参数缺少过滤,提交恶意SQL查询作为参数数据,可导致应用程序处理时更改原来的SQL逻辑,攻击者可以获得敏感信息或者操作数据库。 Simple Invoices 20070525 目前没有解决方案提供: http://www.simpleinvoices.org/ ?/ Exploit Name: Simple Invoices 2007 05 25...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/06/24 12:0 a.m.33 views

Simple Invoices 2007 05 25 (index.php submit) SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================================== Simple Invoices 2007 05 25 index.php submit SQL Injection Exploit =================================================================== 126 $result.=" ."; else $result.="...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/06/24 12:0 a.m.14 views

Simple Invoices 2007 05 25 - index.php?submit SQL Injection

Simple Invoices 2007 05 25 - index.php?submit SQL Injection Homepage: http://devilteam.eu/ 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0;...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2007/06/24 12:0 a.m.27 views

Simple Invoices 2007 05 25 - 'index.php?submit' SQL Injection

Homepage: http://devilteam.eu/ 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n...

7.4AI score
Exploits0
Rows per page
Query Builder