11 matches found
CVE-2024-7290
CVE-2024-7290 affects SourceCodester Establishment Billing Management System 1.0. Affected component: /manage_tenant.php, where manipulating the argument id enables SQL injection. The vulnerability can be exploited remotely and has been disclosed publicly. The available documents confirm an explo...
CVE-2024-7308
CVE-2024-7308 affects SourceCodester Establishment Billing Management System 1.0. The vulnerability is an SQL injection in the /view_bill.php file, triggered by manipulating the id parameter. It is exploitable remotely, and the exploit has been disclosed publicly per the CVE records, with multipl...
CVE-2024-7288
CVE-2024-7288 affects the SourceCodester Establishment Billing Management System 1.0. The root cause is a SQL injection in the file /ajax.php?action=delete_block caused by manipulation of the id parameter. The vulnerability is exploitable remotely, with public disclosure of the exploit. Multiple ...
CVE-2023-2689
The CVE-2023-2689 issue affects SourceCodester Billing Management System 1.0, specifically the file editproduct.php in the GET Parameter Handler. The vulnerability arises from unvalidated input in the id parameter, enabling SQL injection. Evidence across multiple sources confirms remote exploitab...
CVE-2024-7287
CVE-2024-7287 affects SourceCodester Establishment Billing Management System 1.0. The vulnerability is an SQL injection in an unknown function of /manage_user.php caused by manipulation of the id parameter. It can be exploited remotely and the exploit has been disclosed publicly. No specific fix/...
CVE-2024-7306
The CVE-2024-7306 entry concerns SourceCodester Establishment Billing Management System v1.0. The vulnerability is an SQL injection in an unknown function of /manage_block.php triggered by manipulating the id parameter. Exploitation appears possible remotely, with public disclosure noted. Connect...
CVE-2024-7307
Summary (CVE-2024-7307): A SQL injection vulnerability exists in SourceCodester Establishment Billing Management System v1.0, triggered by manipulating the id parameter in the file /manage_billing.php. The issue is exploitable remotely and affects an unknown functionality. Public exploitation det...
CVE-2023-2595
CVE-2023-2595 affects SourceCodester Billing Management System 1.0; vulnerable component: ajax_service.php (POST Parameter Handler). Manipulation of the drop_services parameter enables SQL injection. Attack can be launched remotely; exploit has been disclosed. Documents do not specify a fixed ver...
CVE-2024-7285
Summary of CVE-2024-7285 : The vulnerability affects SourceCodester Establishment Billing Management System 1.0, specifically the /admin/ajax.php?action=save_settings endpoint. The issue arises from manipulation of the name parameter, enabling cross-site scripting (XSS). Attacks can be launched r...
CVE-2024-7289
SourceCodester Establishment Billing Management System 1.0 contains a SQL injection vulnerability in the manage_payment.php file. The issue arises from manipulation of the id parameter, allowing remote exploitation. Multiple sources (NVD, CVE records, CVE list) confirm the vulnerability and publi...
CVE-2024-7286
CVE-2024-7286 affects SourceCodester Establishment Billing Management System 1.0, specifically the Login component via /admin/ajax.php?action=login. The vulnerability arises from improper handling of the username parameter, enabling SQL injection. Impact is described as high/critical with potenti...