Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
simple invoices simple invoices vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2012-4932
Multiple cross-site scripting (XSS) vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote malicious users to inject arbitrary web script or HTML via (1) the having parameter in a manage action to index.php; (2) the Email field in an Add User action; (3) the ...
Simple Invoices Simple Invoices
Simple Invoices Simple Invoices 2007-05-25
Simple Invoices Simple Invoices 2007-01-25
Simple Invoices Simple Invoices 2006-12-11
Simple Invoices Simple Invoices 2007-02-02
1 EDB exploit
5
CVSSv2
CVE-2007-1341
include/auth/auth.php in Simple Invoices prior to 2007 03 05 does not use the login system to protect print preview pages for invoices, which might allow malicious users to obtain sensitive information.
Simple Invoices Simple Invoices 2006-12-11
Simple Invoices Simple Invoices 2007-01-25
Simple Invoices Simple Invoices 2007-02-02
6.8
CVSSv2
CVE-2007-0787
PHP remote file inclusion vulnerability in controller.php in Simple Invoices prior to 20070202 allows remote malicious users to execute arbitrary PHP code via a URL in the (1) module or (2) view parameter. NOTE: some of these details are obtained from third party information.
Simple Invoices Simple Invoices 2007-02-02
7.5
CVSSv2
CVE-2007-3430
SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote malicious users to execute arbitrary SQL commands via the submit parameter in an email action.
Simple Invoices Simple Invoices 2007-05-25
1 EDB exploit
6.8
CVSSv2
CVE-2017-8930
Multiple cross-site request forgery (CSRF) vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote malicious users to hijack the authentication of admins for requests that can (1) create new administrator user accounts and take over the entire application, (2) create regula...
Simpleinvoices Simple Invoices 2013.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started