Lucene search
K
Billing System Project ProjectBilling System Project

4 matches found

CVE
CVE
added 2022/11/23 12:0 a.m.64 views

CVE-2022-43213

CVE-2022-43213 affects Billing System Project v1.0, where a SQL injection vulnerability exists in the id parameter of editorder.php. The issue is caused by improper input handling, enabling an attacker to manipulate SQL queries. The NVD/NVD-derived metrics rate impact as critical (C:H, I:H, A:H) ...

9.8CVSS9.7AI score0.00787EPSS
CVE
CVE
added 2022/09/30 2:4 p.m.56 views

CVE-2022-41437

CVE-2022-41437 affects Billing System Project v1.0. A remote code execution (RCE) vulnerability is exposed through the /php_action/createProduct.php component. The NVD entry cites a network attack vector with low attack complexity and no user interaction, requiring high privileges, and results in...

7.2CVSS7.4AI score0.01378EPSS
CVE
CVE
added 2022/09/30 2:4 p.m.52 views

CVE-2022-41439

CVE-2022-41439 affects Billing System Project v1.0. A SQL injection vulnerability exists in the id parameter of /phpinventory/edituser.php, exposing confidentiality, integrity, and availability (high impact). Root cause: improper handling of user-supplied id leading to SQLi. Exploitation: a PoC i...

7.2CVSS7.2AI score0.00734EPSS
Web
CVE
CVE
added 2022/09/30 2:4 p.m.50 views

CVE-2022-41440

CVE-2022-41440 affects Billing System Project v1.0, with a SQL injection vulnerability exploitable via the id parameter in /phpinventory/editcategory.php. Multiple connected sources confirm the issue as a SQL injection in that endpoint, but no concrete patch/version update is detailed in the prov...

7.2CVSS7.2AI score0.00734EPSS
Web