VYPR

Water Billing System

by Sourcecodester

CVEs (6)

  • CVE-2020-36033CriJul 22, 2021
    risk 0.64cvss 9.8epss 0.01

    SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the id parameter to edituser.php.

  • CVE-2020-28183CriNov 17, 2020
    risk 0.64cvss 9.8epss 0.03

    SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the username and password parameters to process.php.

  • CVE-2025-9706HigAug 30, 2025
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Water Billing System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit…

  • CVE-2025-9705HigAug 30, 2025
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Water Billing System 1.0. Affected is an unknown function of the file /paybill.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to…

  • CVE-2025-9704HigAug 30, 2025
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Water Billing System 1.0. This impacts an unknown function of the file /viewbill.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the…

  • CVE-2023-27241MedMar 27, 2023
    risk 0.40cvss 6.1epss 0.00

    SourceCodester Water Billing System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the lastname text box under the Add Client module.