Filtered by vendor Easyservice Billing Project
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-11443 | 1 Easyservice Billing Project | 1 Easyservice Billing | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
The parameter q is affected by Cross-site Scripting in jobcard-ongoing.php in EasyService Billing 1.0. | |||||
CVE-2018-11442 | 1 Easyservice Billing Project | 1 Easyservice Billing | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation. | |||||
CVE-2018-11444 | 1 Easyservice Billing Project | 1 Easyservice Billing | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A SQL Injection issue was observed in the parameter "q" in jobcard-ongoing.php in EasyService Billing 1.0. | |||||
CVE-2018-11445 | 1 Easyservice Billing Project | 1 Easyservice Billing | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
A CSRF issue was discovered on the User Add/System Settings Page (system-settings-user-new2.php) in EasyService Billing 1.0. A User can be added with the Admin role. |