Water Billing System Security Vulnerabilities

CVE-2020-28183

SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the username and password parameters to process.php.

CVE-2020-36033

SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the id parameter to edituser.php.

CVE-2022-30461

Water-billing-management-system v1.0 is vulnerable to SQL Injection via /wbms/classes/Master.php?f=delete_client, id

CVE-2022-30462

Water-billing-management-system v1.0 is affected by: Cross Site Scripting (XSS) via /wbms/classes/Users.php?f=save, firstname.

CVE-2023-27241

SourceCodester Water Billing System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the lastname text box under the Add Client module.