CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-41440
https://notcve.org/view.php?id=CVE-2022-41440
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editcategory.php. Se ha detectado que Billing System Project versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro id en el archivo /phpinventory/editcategory.php • https://github.com/chi645190147/bug_report/blob/main/vendors/mayuri_k/billing-system-project/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-41439
https://notcve.org/view.php?id=CVE-2022-41439
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/edituser.php. Se ha detectado que Billing System Project versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro id en el archivo /phpinventory/edituser.php • https://github.com/chi645190147/bug_report/blob/main/vendors/mayuri_k/billing-system-project/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-41437
https://notcve.org/view.php?id=CVE-2022-41437
Billing System Project v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/createProduct.php. Se ha detectado que Billing System Project versión v1.0, contiene una vulnerabilidad de ejecución remota de código (RCE) por medio del componente /php_action/createProduct.php • https://github.com/chi645190147/bug_report/blob/main/vendors/mayuri_k/billing-system-project/RCE-1.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2801 – SourceCodester Automated Beer Parlour Billing System Login sql injection
https://notcve.org/view.php?id=CVE-2022-2801
A vulnerability, which was classified as critical, was found in SourceCodester Automated Beer Parlour Billing System. This affects an unknown part of the component Login. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-206247. • https://vuldb.com/?id.206247 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30461
https://notcve.org/view.php?id=CVE-2022-30461
Water-billing-management-system v1.0 is vulnerable to SQL Injection via /wbms/classes/Master.php?f=delete_client, id Water-billing-management-system versión v1.0, es vulnerable a una Inyección SQL por medio de /wbms/classes/Master.php?f=delete_client, id • https://github.com/mikeccltt/wbms_bug_report/blob/main/water-billing-management-system/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •