Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invoices vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-4245
The WooCommerce PDF Invoice Builder for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the GetInvoiceDetail function in versions up to, and including, 1.2.89. This makes it possible for subscribers to view arbitrary invoices provided t...
Rednao Woocommerce Pdf Invoice Builder
NA
CVE-2024-3216
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wt_pklist_reset_settings() function in all versions up to, and including, 4.4.2. This m...
3.5
CVSSv2
CVE-2015-4381
Cross-site scripting (XSS) vulnerability in the Invoice module 6.x-1.x prior to 6.x-1.2 and 7.x-1.x prior to 7.x-1.3 for Drupal allows remote authenticated users with the "Administer own invoices" permission to inject arbitrary web script or HTML via unspecified vectors...
Invoice Project Invoice 6.x-1.1
Invoice Project Invoice 7.x-1.x-dev
6.8
CVSSv2
CVE-2015-4382
Multiple cross-site request forgery (CSRF) vulnerabilities in the Invoice module 6.x-1.x prior to 6.x-1.2 and 7.x-1.x prior to 7.x-1.3 for Drupal allow remote malicious users to hijack the authentication of arbitrary users for requests that (1) create, (2) delete, or (3) alter in...
Invoice Project Invoice 7.x-1.x-dev
Invoice Project Invoice 6.x-1.1
NA
CVE-2024-3045
The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthentic...
NA
CVE-2024-3047
The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 3.8.0 via the transform() function. This can allow unauthenticated malicious users to make web requests to arbitrary locations ...
NA
CVE-2024-0957
The WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Customer Notes field in all versions up to, and including, 4.4.1 due to insufficient input sanitization and output escaping. T...
NA
CVE-2023-3764
The WooCommerce PDF Invoice Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.90. This is due to missing or incorrect nonce validation on the Save function. This makes it possible for unauthenticated malicious users to ...
Rednao Woocommerce Pdf Invoice Builder
7.5
CVSSv2
CVE-2005-0669
Multiple SQL injection vulnerabilities in mod.php for phpCOIN 1.2.0 up to and including 1.2.1b allow remote malicious users to execute arbitrary SQL commands via the (1) the faq_id in the faq mod, (2) the id parameter in the pages mod, (3) the id parameter in the siteinfo module,...
Coinsoft Technologies Phpcoin 1.2
Coinsoft Technologies Phpcoin 1.2.1
Coinsoft Technologies Phpcoin 1.2.1b
2.1
CVSSv2
CVE-2005-1932
Lpanel 1.59 and previous versions, and other versions prior to 1.597, allows remote authenticated users to modify certain critical variables and (1) modify DNS settings for arbitrary domains via the domain parameter to diagnose.php, (2) close, open, or respond to arbitrary suppor...
Lpanel Lpanel 1.594
Lpanel Lpanel 1.596
Lpanel Lpanel 1.59
Lpanel Lpanel 1.593
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »