CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2022-41437
https://notcve.org/view.php?id=CVE-2022-41437
Billing System Project v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/createProduct.php. Se ha detectado que Billing System Project versión v1.0, contiene una vulnerabilidad de ejecución remota de código (RCE) por medio del componente /php_action/createProduct.php • https://github.com/chi645190147/bug_report/blob/main/vendors/mayuri_k/billing-system-project/RCE-1.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30461
https://notcve.org/view.php?id=CVE-2022-30461
Water-billing-management-system v1.0 is vulnerable to SQL Injection via /wbms/classes/Master.php?f=delete_client, id Water-billing-management-system versión v1.0, es vulnerable a una Inyección SQL por medio de /wbms/classes/Master.php?f=delete_client, id • https://github.com/mikeccltt/wbms_bug_report/blob/main/water-billing-management-system/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-30462
https://notcve.org/view.php?id=CVE-2022-30462
Water-billing-management-system v1.0 is affected by: Cross Site Scripting (XSS) via /wbms/classes/Users.php?f=save, firstname. Water-billing-management-system versión v1.0, está afectado por: Cross Site Scripting (XSS) por medio de /wbms/classes/Users.php?f=save, firstname • https://github.com/mikeccltt/wbms_bug_report/blob/main/water-billing-management-system/xss.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-41929
https://notcve.org/view.php?id=CVE-2021-41929
Cross Site Scripting (XSS) in Sourcecodester The Electric Billing Management System 1.0 by oretnom23, allows attackers to execute arbitrary code via the about page. Una vulnerabilidad de tipo Cross Site Scripting (XSS) en Sourcecodester The Electric Billing Management System versión 1.0 by oretnom23, permite a atacantes ejecutar código arbitrario por medio de la página about • https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/CVE-nu11-19-302021 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36033
https://notcve.org/view.php?id=CVE-2020-36033
SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the id parameter to edituser.php. Una vulnerabilidad de inyección SQL en SourceCodester Water Billing System versión 1.0, por medio del parámetro id en el archivo edituser.php • https://github.com/TCSWT/Water-Billing-System • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •