SQL injection vulnerability in process.php in Itsourcecode Billing System in PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
References
Link | Resource |
---|---|
https://github.com/TThuyyy/cve1/issues/4 | Exploit Issue Tracking Third Party Advisory |
https://github.com/TThuyyy/cve1/issues/4 | Exploit Issue Tracking Third Party Advisory |
Configurations
History
14 May 2025, 15:31
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/TThuyyy/cve1/issues/4 - Exploit, Issue Tracking, Third Party Advisory | |
First Time |
Angeljudesuarez
Angeljudesuarez billing System |
|
CPE | cpe:2.3:a:angeljudesuarez:billing_system:1.0:*:*:*:*:*:*:* |
21 Nov 2024, 09:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/TThuyyy/cve1/issues/4 - |
12 Jul 2024, 16:11
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-89 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
11 Jul 2024, 13:06
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
09 Jul 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-09 20:15
Updated : 2025-05-14 15:31
NVD link : CVE-2024-37872
Mitre link : CVE-2024-37872
CVE.ORG link : CVE-2024-37872
JSON object : View
Products Affected
angeljudesuarez
- billing_system
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')