Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-35674 | 1 Bigprof | 1 Online Invoicing System | 2022-10-03 | N/A | 9.8 CRITICAL |
BigProf Online Invoicing System before 2.9 suffers from an unauthenticated SQL Injection found in /membership_passwordReset.php (the endpoint that is responsible for issuing self-service password resets). An unauthenticated attacker is able to send a request containing a crafted payload that can result in sensitive information being extracted from the database, eventually leading into an application takeover. This vulnerability was introduced as a result of the developer trying to roll their own sanitization implementation in order to allow the application to be used in legacy environments. | |||||
CVE-2020-35675 | 1 Bigprof | 1 Online Invoicing System | 2022-10-03 | N/A | 8.8 HIGH |
BigProf Online Invoicing System before 3.0 offers a functionality that allows an administrator to move the records of members across groups. The applicable endpoint (admin/pageTransferOwnership.php) lacks CSRF protection, resulting in an attacker being able to escalate their privileges to Administrator and effectively taking over the application. | |||||
CVE-2020-35677 | 1 Bigprof | 1 Online Invoicing System | 2021-07-21 | 3.5 LOW | 4.8 MEDIUM |
BigProf Online Invoicing System before 4.0 fails to adequately sanitize fields for HTML characters upon an administrator using admin/pageEditGroup.php to create a new group, resulting in Stored XSS. The caveat here is that an attacker would need administrative privileges in order to create the payload. One might think this completely mitigates the privilege-escalation impact as there is only one high-privileged role. However, it was discovered that the endpoint responsible for creating the group lacks CSRF protection. | |||||
CVE-2021-27839 | 1 Bigprof | 1 Online Invoicing System | 2021-03-10 | 5.8 MEDIUM | 4.4 MEDIUM |
A CSV injection vulnerability found in Online Invoicing System (OIS) 4.3 and below can be exploited by users to perform malicious actions such as redirecting admins to unknown or harmful websites, or disclosing other clients' details that the user did not have access to. | |||||
CVE-2021-21260 | 1 Bigprof | 1 Online Invoicing System | 2021-01-29 | 3.5 LOW | 5.4 MEDIUM |
Online Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XSS which can enables an attacker takeover of the admin account through a payload that extracts a csrf token and sends a request to change password. It has been found that Item description is reflected without sanitization in app/items_view.php which enables the malicious scenario. | |||||
CVE-2020-35676 | 1 Bigprof | 1 Online Invoicing System | 2020-12-28 | 4.3 MEDIUM | 6.1 MEDIUM |
BigProf Online Invoicing System before 3.1 fails to correctly sanitize an XSS payload when a user registers using the self-registration functionality. As such, an attacker can input a crafted payload that will execute upon the application's administrator browsing the registered users' list. Once the arbitrary Javascript is executed in the context of the admin, this will cause the attacker to gain administrative privileges, effectively leading into an application takeover. This affects app/membership_signup.php and app/admin/pageViewMembers.php. | |||||
CVE-2020-6583 | 1 Bigprof | 1 Online Invoicing System | 2020-01-17 | 4.3 MEDIUM | 6.1 MEDIUM |
BigProf Online Invoicing System (OIS) through 2.6 has XSS that can be leveraged for session hijacking. An attacker can exploit the XSS vulnerability, retrieve the session cookie from the administrator login, and take over the administrator account via the Name field in an Add New Client action. |