Vulnerabilities > Bigprof > Online Invoicing System > 2.6

DATE CVE VULNERABILITY TITLE RISK
2023-11-30 CVE-2023-6426 Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/invoices_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4
2023-11-30 CVE-2023-6427 Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/invoices_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4
2023-11-30 CVE-2023-6428 Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/items_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4
2023-11-30 CVE-2023-6429 Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /invoicing/app/clients_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4
2023-11-30 CVE-2023-6430 Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/transactions_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4
2023-11-30 CVE-2023-6431 Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/categories_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4
2023-11-30 CVE-2023-6432 Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/items_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4
2023-11-30 CVE-2023-6433 Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/suppliers_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4
2023-11-30 CVE-2023-6434 Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/sections_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4
2023-11-30 CVE-2023-6435 Cross-site Scripting vulnerability in Bigprof Online Invoicing System 2.6
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/batches_view.php, in the FirstRecord parameter.
network
low complexity
bigprof CWE-79
5.4
5.4