Easyservice Billing Project Easyservice Billing — known CVE vulnerabilities
Every CVE whose affected-product data names Easyservice Billing Project Easyservice Billing, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2018-11444 — CVSS 9.8 (critical): A SQL Injection issue was observed in the parameter "q" in jobcard-ongoing.php in EasyService Billing 1.0.
CVE-2018-11442 — CVSS 8.8 (high): A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated…
CVE-2018-11445 — CVSS 8.8 (high): A CSRF issue was discovered on the User Add/System Settings Page (system-settings-user-new2.php) in EasyService Billing 1.0. A User can be…
CVE-2018-11443 — CVSS 6.1 (medium): The parameter q is affected by Cross-site Scripting in jobcard-ongoing.php in EasyService Billing 1.0.