Online Invoicing System is an open source web application by BigProf Software that can be used for the simple invoicing needs of small businesses, consultants and freelancers. OIS 4.3 and below were found to be vulnerable to CSV Injection during my testing. CSV Injection, also known as Formula Injection, occurs when websites embed untrusted input … Continue reading CSV Injection in Online Invoicing System (OIS)