CVE-2024-8560 | SourceCodester Simple Invoice Generator System 1.0 /save_invoice.php sql injection

Inserito da Angelo Barbosa | Set 6, 2024 | CVE

A vulnerability, which was classified as critical, was found in SourceCodester Simple Invoice Generator System 1.0. Affected is an unknown function of the file /save_invoice.php. The manipulation of the argument invoice_code/customer/cashier/total_amount/discount_percentage/discount_amount/tendered_amount leads to sql injection.

This vulnerability is traded as CVE-2024-8560. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-8560 | SourceCodester Simple Invoice Generator System 1.0 /save_invoice.php sql injection

Post correlati

CVE-2024-4256 | Techkshetra Info Solutions Savsoft Quiz 6.0 Category Page editCategory category_name cross site scripting

CVE-2024-50437 | AyeCode GeoDirectory Plugin up to 2.3.80 on WordPress cross site scripting

VDB-262278 | Google Cloud Platform Security Operations permission

CVE-2024-25027 | IBM Security Verify Access Docker 10.0.6 Snapshot missing encryption (XFDB-281607)