VYPR
Vendor

Billing Software

Products
1
CVEs
8
Across products
8
Status
Private

Products

1

Recent CVEs

8
  • CVE-2023-49666CriJan 4, 2024
    risk 0.64cvss 9.8epss 0.01

    Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'custmer_details' parameter of the submit_material_list.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-49665CriJan 4, 2024
    risk 0.64cvss 9.8epss 0.01

    Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'quantity[]' parameter of the submit_delivery_list.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-49658CriJan 4, 2024
    risk 0.64cvss 9.8epss 0.01

    Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'bank_details' parameter of the party_submit.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-49639CriJan 4, 2024
    risk 0.64cvss 9.8epss 0.01

    Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'customer_details' parameter of the buyer_invoice_submit.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-49633CriJan 4, 2024
    risk 0.64cvss 9.8epss 0.01

    Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'buyer_address' parameter of the buyer_detail_submit.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-49625CriJan 4, 2024
    risk 0.64cvss 9.8epss 0.01

    Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the partylist_edit_submit.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-49624CriJan 4, 2024
    risk 0.64cvss 9.8epss 0.01

    Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cancelid' parameter of the material_bill.php resource does not validate the characters received and they are sent unfiltered to the database.

  • CVE-2023-49622CriJan 4, 2024
    risk 0.64cvss 9.8epss 0.01

    Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'itemnameid' parameter of the material_bill.php?action=itemRelation resource does not validate the characters received and they are sent unfiltered to the database.