2 matches found
CVE-2024-8560
The CVE-2024-8560 entry affects SourceCodester Simple Invoice Generator System 1.0. A vulnerability in the /save_invoice.php function allows SQL injection via manipulated parameters (invoice_code, customer, cashier, total_amount, discount_percentage, discount_amount, tendered_amount) and can be e...
CVE-2023-6650
CVE-2023-6650 affects SourceCodester Simple Invoice Generator System 1.0. The vulnerability is a cross-site scripting flaw in the login.php handling of the cashier parameter. The issue allows an attacker to inject scripts that may be executed in the context of the victim’s browser. Remote initiat...