GCVE - cpe:2.3:a:kashipara:billing_software:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kashipara:billing_software:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Kashipara (`6b7db86c-2a94-5a2d-adbe-6158c7191f84`)
Product	Billing Software (`ad5b89ef-87a4-5b46-99fb-878dfbd78462`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-0496`	vulnerable	2026-06-03 14:54:02.842433	Kashipara Billing Software HTTP POST Request item_list_edit.php sql injection MEDIUM (6.3) A vulnerability was found in Kashipara Billing Software 1.0 and classified as critical. This issue affects some unknown processing of the file item_list_edit.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250601 was assigned to this vulnerability. Published: 2024-01-13T17:00:05.402Z Updated: 2024-08-01T18:04:49.879Z Open on db.gcve.eu Reference links https://vuldb.com/?id.250601 https://vuldb.com/?ctiid.250601 https://github.com/laoquanshi/BILLING-SOFTWARE-SQL-injection-vulnerability/blob/main/BILLING%20SOFTWARE%20SQL%20injection%20vulnerability(1).docx	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-0495`	vulnerable	2026-06-03 14:54:02.842031	Kashipara Billing Software HTTP POST Request party_submit.php sql injection MEDIUM (6.3) A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. This vulnerability affects unknown code of the file party_submit.php of the component HTTP POST Request Handler. The manipulation of the argument party_name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250600. Published: 2024-01-13T16:31:03.345Z Updated: 2024-08-13T17:40:21.794Z Open on db.gcve.eu Reference links https://vuldb.com/?id.250600 https://vuldb.com/?ctiid.250600 https://github.com/laoquanshi/BILLING-SOFTWARE-SQL-injection-vulnerability/blob/main/BILLING%20SOFTWARE%20SQL%20injection%20vulnerability(2).docx	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-0494`	vulnerable	2026-06-03 14:54:02.841593	Kashipara Billing Software HTTP POST Request material_bill.php sql injection MEDIUM (6.3) A vulnerability, which was classified as critical, was found in Kashipara Billing Software 1.0. This affects an unknown part of the file material_bill.php of the component HTTP POST Request Handler. The manipulation of the argument itemtypeid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250599. Published: 2024-01-13T16:00:05.140Z Updated: 2024-08-01T18:04:49.798Z Open on db.gcve.eu Reference links https://vuldb.com/?id.250599 https://vuldb.com/?ctiid.250599 https://github.com/laoquanshi/BILLING-SOFTWARE-SQL-injection-vulnerability/blob/main/BILLING%20SOFTWARE%20SQL%20injection%20vulnerability(3).docx	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-0493`	vulnerable	2026-06-03 14:54:02.841105	Kashipara Billing Software HTTP POST Request submit_delivery_list.php sql injection MEDIUM (6.3) A vulnerability, which was classified as critical, has been found in Kashipara Billing Software 1.0. Affected by this issue is some unknown functionality of the file submit_delivery_list.php of the component HTTP POST Request Handler. The manipulation of the argument customer_details leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250598 is the identifier assigned to this vulnerability. Published: 2024-01-13T15:31:03.467Z Updated: 2024-08-01T18:04:49.879Z Open on db.gcve.eu Reference links https://vuldb.com/?id.250598 https://vuldb.com/?ctiid.250598 https://github.com/laoquanshi/BILLING-SOFTWARE-SQL-injection-vulnerability/blob/main/BILLING%20SOFTWARE%20SQL%20injection%20vulnerability(5).docx	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-0492`	vulnerable	2026-06-03 14:54:02.839752	Kashipara Billing Software HTTP POST Request buyer_detail_submit.php sql injection MEDIUM (6.3) A vulnerability classified as critical was found in Kashipara Billing Software 1.0. Affected by this vulnerability is an unknown functionality of the file buyer_detail_submit.php of the component HTTP POST Request Handler. The manipulation of the argument gstn_no leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250597 was assigned to this vulnerability. Published: 2024-01-13T15:00:06.351Z Updated: 2024-08-15T15:45:49.014Z Open on db.gcve.eu Reference links https://vuldb.com/?id.250597 https://vuldb.com/?ctiid.250597 https://github.com/laoquanshi/BILLING-SOFTWARE-SQL-injection-vulnerability/blob/main/BILLING%20SOFTWARE%20sql.docx	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.