Billing System Project v1.0 exists to contain a SQL injection vulnerability via the endDate parameter at getOrderReport.php.
billing system project billing system 1.0