14 matches found
EUVD-2026-36604
A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file \application\controllers\Payroll.php of the component Payroll Invoice Module. This manipulation of the argument ID causes sql injection. Remote exploitatio...
CVE-2026-12131 CodeAstro Human Resource Management System Payroll Invoice Payroll.php sql injection
A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file \application\controllers\Payroll.php of the component Payroll Invoice Module. This manipulation of the argument ID causes sql injection. Remote exploitatio...
PT-2026-49000
Name of the Vulnerable Software and Affected Versions CodeAstro Human Resource Management System version 1.0 Description An SQL injection issue exists within the Payroll Invoice Module. The flaw is located in the Invoice function of the applicationcontrollersPayroll.php file, where improper...
EUVD-2024-54210
Malicious code in bioql PyPI...
CVE-2023-46401
KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function...
GHSA-GG2F-R4JH-VPMH TastyIgniter Has an Incorrect Access Control Vulnerability via `invoice()` Function
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks...
TastyIgniter Has an Incorrect Access Control Vulnerability via `invoice()` Function
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks...
CVE-2024-44313
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks...
CVE-2024-44313
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks...
CVE-2024-44313
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks...
CVE-2023-46401
KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function...
CVE-2023-46401
KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function. Affected product: KWHotel (desktop/web/mobile) version 0.47. Root cause: CSV formula injection in the Add Invoice feature. Impact is described as high for confidentiality, integrity, and availability per CVE metri...
CVE-2023-46401
KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function...
CVE-2023-46401
KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function...