Filtered by vendor Kashipara
Subscribe
Total
52 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49677 | 1 Kashipara | 1 Job Portal | 2024-11-21 | N/A | 9.8 CRITICAL |
| Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cmbQual' parameter of the Employer/InsertJob.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49666 | 1 Kashipara | 1 Billing System | 2024-11-21 | N/A | 9.8 CRITICAL |
| Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'custmer_details' parameter of the submit_material_list.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49665 | 1 Kashipara | 1 Billing Software | 2024-11-21 | N/A | 9.8 CRITICAL |
| Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'quantity[]' parameter of the submit_delivery_list.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49658 | 1 Kashipara | 1 Billing Software | 2024-11-21 | N/A | 9.8 CRITICAL |
| Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'bank_details' parameter of the party_submit.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49639 | 1 Kashipara | 1 Billing Software | 2024-11-21 | N/A | 9.8 CRITICAL |
| Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'customer_details' parameter of the buyer_invoice_submit.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49633 | 1 Kashipara | 1 Billing Software | 2024-11-21 | N/A | 9.8 CRITICAL |
| Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'buyer_address' parameter of the buyer_detail_submit.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49625 | 1 Kashipara | 1 Billing Software | 2024-11-21 | N/A | 9.8 CRITICAL |
| Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the partylist_edit_submit.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49624 | 1 Kashipara | 1 Billing Software | 2024-11-21 | N/A | 9.8 CRITICAL |
| Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'cancelid' parameter of the material_bill.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49622 | 1 Kashipara | 1 Billing Software | 2024-11-21 | N/A | 9.8 CRITICAL |
| Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'itemnameid' parameter of the material_bill.php?action=itemRelation resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2023-49272 | 1 Kashipara | 1 Hotel Management | 2024-11-21 | N/A | 5.4 MEDIUM |
| Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'children' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response. | |||||
| CVE-2023-49271 | 1 Kashipara | 1 Hotel Management | 2024-11-21 | N/A | 5.4 MEDIUM |
| Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_out_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response. | |||||
| CVE-2023-49270 | 1 Kashipara | 1 Hotel Management | 2024-11-21 | N/A | 5.4 MEDIUM |
| Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_in_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response. | |||||