N/A

SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allows remote attackers to execute arbitrary SQL commands via the i parameter. NOTE: the vendor has stated "EZ Invoice, Inc has a patah available. Please email support@ezinvoiceinc.com and EZI will email you the patch to fix this small issue."

N/A

N/A

EZ Invoice Inc. EZI Invoices.PHP SQL注入漏洞

EZ Invoice是一款商业购物程序。 EZ Invoice Inc 2.0的invoices.php存在SQL注入漏洞，可让远程攻击者通过i参数执行任意SQL命令。注意：供应商已声称"EZ Invoice， Inc提供可用的补丁程序。请发送电子邮件至support@ezinvoiceinc.com，EZI便会将修复这个小问题的补丁程序通过电子邮件发送给您。"

N/A

N/A