SQL injection vulnerability in index.php in ClientExec 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) billshowid, (2) billdetailid, (3) fuse, and (4) frmClientID parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.015
EPSS Ranking 71.8%