4 matches found
CVE-2012-6514
CVE-2012-6514 is a Cross-site Scripting (XSS) vulnerability in the Joomla! environment using the nBill (com_nbill) component 2.3.2 . The issue occurs when an attacker can inject arbitrary web script or HTML via the message parameter in an income action to administrator/index.php . The CVSS metric...
CVE-2010-4270
CVE-2010-4270 describes a directory traversal vulnerability in the nBill (com_netinvoice) Joomla! components, affecting versions before 2.0.9 standard, 2.0.10 lite, and 1.2_10. The flaw allows remote attackers to read arbitrary files via traversal sequences in specific admin and frontend paths (a...
CVE-2008-3498
CVE-2008-3498 affects the nBill (com_netinvoice) Joomla! component. The vulnerability is a SQL injection in the cid parameter used in the orders action to index.php (version 1.2.0 SP1). This allows remote attackers to execute arbitrary SQL commands. Several references corroborate this description...
CVE-2008-7302
CVE-2008-7302 is a reported SQL injection vulnerability in the Joomla! extension component nBill (com_netinvoice) version 1.2.0 SP1, affecting the file netinvoice.php. The underlying issue is an SQL injection that could allow remote attackers to execute arbitrary SQL commands through unspecified ...