4 matches found
CVE-2013-10018
The CVE-2013-10018 entry concerns fanzila WebFinance 0.5, where an unknown functionality in htdocs/prospection/save_contact.php is vulnerable to SQL injection via the parameters nom, prenom, email, tel, mobile, client, fonction, and note. The issue is described as critical with a CVSSv3.1 vector ...
CVE-2013-10017
CVE-2013-10017 affects fanzila WebFinance 0.5. The vulnerability is a SQL injection in an unknown function of the file htdocs/admin/save_roles.php , caused by manipulation of the id parameter. A patch named 6cfeb2f6b35c1b3a7320add07cd0493e4f752af3 is recommended to fix the issue. The connected do...
CVE-2013-10015
CVE-2013-10015 affects fanzila WebFinance 0.5. The vulnerability resides in the file htdocs/admin/save_Contract_Signer_Role.php, where manipulation of the argument n/v leads to SQL injection. A patch is available (commit: abad81af614a9ceef3f29ab22ca6bae517619e06) and should be applied to remediat...
CVE-2013-10016
The CVE targets fanzila WebFinance 0.5, with a SQL injection in htdocs/admin/save_taxes.php triggered by manipulating the id parameter. The vulnerability is described as critical, affecting processing of unknown data in that file. The identified patch is 306f170ca2a8203ae3d8f51fb219ba9e05b945e1, ...