Vulnerabilities (CVE)

Filtered by vendor Billing System Project Subscribe
Filtered by product Billing System
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-43215 1 Billing System Project 1 Billing System 2023-12-10 N/A 9.8 CRITICAL
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the endDate parameter at getOrderReport.php.
CVE-2022-43214 1 Billing System Project 1 Billing System 2023-12-10 N/A 9.8 CRITICAL
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the orderId parameter at printOrder.php.
CVE-2022-41504 1 Billing System Project 1 Billing System 2023-12-10 N/A 7.2 HIGH
An arbitrary file upload vulnerability in the component /php_action/editProductImage.php of Billing System Project v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2022-41498 1 Billing System Project 1 Billing System 2023-12-10 N/A 7.2 HIGH
Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editbrand.php.