- Description
- Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginCheck.php resource does not validate the characters received and they are sent unfiltered to the database.
- Source
- help@fluidattacks.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- help@fluidattacks.com
- CWE-89
- Hype score
- Not currently trending
[CVE-2023-49641: CRITICAL] Warning: Billing Software v1.0 has Unauthenticated SQL Injection flaws. The 'username' param in loginCheck.php isn't filtered, making it prone to attacks. Protect your systems now.#cve,CVE-2023-49641,#cybersecurity https://t.co/2cKGW9SkQm https://t.co/4
@CveFindCom
13 May 2025
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-49641 Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the loginCheck.php resource does not valida… https://t.co/rJRODpjUz1
@CVEnew
12 May 2025
141 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes