Lucene search
K
Oretnom23Establishment Billing Management System

11 matches found

CVE
CVE
added 2024/07/31 6:0 a.m.56 views

CVE-2024-7290

CVE-2024-7290 affects SourceCodester Establishment Billing Management System 1.0. Affected component: /manage_tenant.php, where manipulating the argument id enables SQL injection. The vulnerability can be exploited remotely and has been disclosed publicly. The available documents confirm an explo...

8.8CVSS6.9AI score0.00532EPSS
CVE
CVE
added 2024/07/31 9:0 a.m.53 views

CVE-2024-7308

CVE-2024-7308 affects SourceCodester Establishment Billing Management System 1.0. The vulnerability is an SQL injection in the /view_bill.php file, triggered by manipulating the id parameter. It is exploitable remotely, and the exploit has been disclosed publicly per the CVE records, with multipl...

8.8CVSS6.8AI score0.00578EPSS
CVE
CVE
added 2024/07/31 5:0 a.m.52 views

CVE-2024-7288

CVE-2024-7288 affects the SourceCodester Establishment Billing Management System 1.0. The root cause is a SQL injection in the file /ajax.php?action=delete_block caused by manipulation of the id parameter. The vulnerability is exploitable remotely, with public disclosure of the exploit. Multiple ...

8.8CVSS6.8AI score0.00532EPSS
CVE
CVE
added 2023/05/14 8:0 a.m.51 views

CVE-2023-2689

The CVE-2023-2689 issue affects SourceCodester Billing Management System 1.0, specifically the file editproduct.php in the GET Parameter Handler. The vulnerability arises from unvalidated input in the id parameter, enabling SQL injection. Evidence across multiple sources confirms remote exploitab...

8.8CVSS7.8AI score0.00824EPSS
CVE
CVE
added 2024/07/31 4:31 a.m.51 views

CVE-2024-7287

CVE-2024-7287 affects SourceCodester Establishment Billing Management System 1.0. The vulnerability is an SQL injection in an unknown function of /manage_user.php caused by manipulation of the id parameter. It can be exploited remotely and the exploit has been disclosed publicly. No specific fix/...

8.8CVSS6.9AI score0.00532EPSS
CVE
CVE
added 2024/07/31 8:0 a.m.51 views

CVE-2024-7306

The CVE-2024-7306 entry concerns SourceCodester Establishment Billing Management System v1.0. The vulnerability is an SQL injection in an unknown function of /manage_block.php triggered by manipulating the id parameter. Exploitation appears possible remotely, with public disclosure noted. Connect...

8.8CVSS6.8AI score0.00619EPSS
CVE
CVE
added 2024/07/31 8:31 a.m.51 views

CVE-2024-7307

Summary (CVE-2024-7307): A SQL injection vulnerability exists in SourceCodester Establishment Billing Management System v1.0, triggered by manipulating the id parameter in the file /manage_billing.php. The issue is exploitable remotely and affects an unknown functionality. Public exploitation det...

8.8CVSS6.9AI score0.00619EPSS
CVE
CVE
added 2023/05/09 12:31 p.m.49 views

CVE-2023-2595

CVE-2023-2595 affects SourceCodester Billing Management System 1.0; vulnerable component: ajax_service.php (POST Parameter Handler). Manipulation of the drop_services parameter enables SQL injection. Attack can be launched remotely; exploit has been disclosed. Documents do not specify a fixed ver...

9.8CVSS8.3AI score0.00827EPSS
CVE
CVE
added 2024/07/31 3:31 a.m.49 views

CVE-2024-7285

Summary of CVE-2024-7285 : The vulnerability affects SourceCodester Establishment Billing Management System 1.0, specifically the /admin/ajax.php?action=save_settings endpoint. The issue arises from manipulation of the name parameter, enabling cross-site scripting (XSS). Attacks can be launched r...

5.4CVSS3.9AI score0.00447EPSS
Web
CVE
CVE
added 2024/07/31 5:31 a.m.49 views

CVE-2024-7289

SourceCodester Establishment Billing Management System 1.0 contains a SQL injection vulnerability in the manage_payment.php file. The issue arises from manipulation of the id parameter, allowing remote exploitation. Multiple sources (NVD, CVE records, CVE list) confirm the vulnerability and publi...

8.8CVSS6.8AI score0.00578EPSS
CVE
CVE
added 2024/07/31 4:0 a.m.45 views

CVE-2024-7286

CVE-2024-7286 affects SourceCodester Establishment Billing Management System 1.0, specifically the Login component via /admin/ajax.php?action=login. The vulnerability arises from improper handling of the username parameter, enabling SQL injection. Impact is described as high/critical with potenti...

9.8CVSS7.5AI score0.00646EPSS
Web