Aggregates CVE and security vulnerability intelligence across all easyservice_billing_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk csrf, vendor risk sql injection, and vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact session compromise.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-11445 | A CSRF issue was discovered on the User Add/System Settings Page (system-settings-user-new2.php) in EasyService Billing 1.0. A User can be added with the Admin role. | [email protected] | 8.8 | 0.24% | 2018-05-25 | 2024-11-21 |
| CVE-2018-11444 | A SQL Injection issue was observed in the parameter "q" in jobcard-ongoing.php in EasyService Billing 1.0. | [email protected] | 9.8 | 2.54% | 2018-05-25 | 2024-11-21 |
| CVE-2018-11443 | The parameter q is affected by Cross-site Scripting in jobcard-ongoing.php in EasyService Billing 1.0. | [email protected] | 6.1 | 2.10% | 2018-05-25 | 2024-11-21 |
| CVE-2018-11442 | A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation. | [email protected] | 8.8 | 0.24% | 2018-05-25 | 2024-11-21 |