CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/05 7:50 p.m.•5 views

CVE-2026-7093

A vulnerability was found in code-projects Invoice System in Laravel 1.0. Affected by this vulnerability is an unknown functionality of the file /invoice/ of the component Invoice Endpoint. Performing a manipulation of the argument ID results in improper authorization. The attack is possible to b...

6.5CVSS6.2AI score0.00201EPSS

RedhatCVE•added 2026/06/05 7:50 p.m.•6 views

CVE-2026-7107

A weakness has been identified in code-projects Invoice System in Laravel 1.0. The impacted element is an unknown function of the file /company. This manipulation of the argument logo causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been made availabl...

6.5CVSS6.2AI score0.00201EPSS

RedhatCVE•added 2026/06/05 7:50 p.m.•6 views

CVE-2026-7108

A security vulnerability has been detected in code-projects Invoice System in Laravel 1.0. This affects an unknown function. Such manipulation leads to cross-site request forgery. The attack may be performed from remote. The exploit has been disclosed publicly and may be used...

5.3CVSS5AI score0.00155EPSS

RedhatCVE•added 2026/05/29 8:13 p.m.•11 views

CVE-2026-9410

A vulnerability has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This vulnerability affects unknown code of the file /profile of the component Profile Workflow. Such manipulation of the argument ID leads to improper authorization. It is possible to launc...

RedhatCVE•added 2026/05/26 8:14 p.m.•8 views

CVE-2026-9409

A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipulation of the argument role causes improper authorization. It is possible to initiate the attack...

NVD•added 2026/05/25 2:16 a.m.•8 views

CVE-2026-9409

5.3CVSS0.00198EPSS

NVD•added 2026/05/25 2:16 a.m.•9 views

CVE-2026-9410

5.3CVSS0.00198EPSS

EUVD•added 2026/05/25 12:30 a.m.•9 views

EUVD-2026-31612

Vulnrichment•added 2026/05/25 12:30 a.m.•8 views

CVE-2026-9410 Sushmi-pal Invoice-System Profile Workflow profile improper authorization

ATTACKERKB•added 2026/05/25 12:30 a.m.•8 views

CVE-2026-9410

CVE•added 2026/05/25 12:30 a.m.•18 views

CVE-2026-9410

The CVE refers to Sushmi-pal Invoice-System (Profile Workflow) with a vulnerability in the /profile code path where manipulation of the ID argument causes improper authorization. Attackable remotely and previously disclosed publicly; the vendor’s release model (rolling updates) means no fixed ver...

Cvelist•added 2026/05/25 12:15 a.m.•35 views

CVE-2026-9409 Sushmi-pal Invoice-System User Management user improper authorization

5.3CVSS0.00198EPSS

CVE•added 2026/05/25 12:15 a.m.•20 views

CVE-2026-9409

Sushmi-pal Invoice-System contains a flaw in the User Management Handler, affecting an unknown portion of the /user file. Manipulation of the role argument allows improper authorization, enabling a remote attack. The exploit has been published, and the product uses a rolling release with no versi...

EUVD•added 2026/05/25 12:15 a.m.•14 views

EUVD-2026-31611

Vulnrichment•added 2026/05/25 12:15 a.m.•7 views

CVE-2026-9409 Sushmi-pal Invoice-System User Management user improper authorization

Positive Technologies•added 2026/05/25 12:0 a.m.•13 views

PT-2026-42981

CNNVD•added 2026/05/25 12:0 a.m.•5 views

Invoice-System 授权问题漏洞

Invoice-System is an invoice management system development exercise tool by Sushmita Palikhe individual developer. Invoice-System a0a3faa16dee2621b231ae227333f5761607283b and prior versions have an authorization issue vulnerability that stems from a parameter role operation in the User Management...

5.3CVSS5.8AI score0.00198EPSS

Exploits0References5

Positive Technologies•added 2026/05/25 12:0 a.m.•12 views

PT-2026-42980

CNNVD•added 2026/05/25 12:0 a.m.•7 views

Invoice-System 授权问题漏洞

5.3CVSS5.8AI score0.00198EPSS