CVE-2026-12131 CodeAstro Human Resource Management System Payroll Invoice Payroll.php sql injection

A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file \application\controllers\Payroll.php of the component Payroll Invoice Module. This manipulation of the argument ID causes sql injection. Remote exploitatio...

PT-2026-49000

A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file applicationcontrollersPayroll.php of the component Payroll Invoice Module. This manipulation of the argument ID causes sql injection. Remote exploitation o...

EUVD-2024-54210

Malicious code in bioql PyPI...

CVE-2023-46401

KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function...

GHSA-GG2F-R4JH-VPMH TastyIgniter Has an Incorrect Access Control Vulnerability via `invoice()` Function

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks...

TastyIgniter Has an Incorrect Access Control Vulnerability via `invoice()` Function

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks...

CVE-2024-44313

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks...

CVE-2024-44313

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks...

CVE-2024-44313

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks...

CVE-2023-46401

KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function...

CVE-2023-46401

KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function. Affected product: KWHotel (desktop/web/mobile) version 0.47. Root cause: CSV formula injection in the Add Invoice feature. Impact is described as high for confidentiality, integrity, and availability per CVE metri...

CVE-2023-46401

KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function...

CVE-2023-46401

KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function...