Lucene search
K

184 matches found

RedhatCVE
RedhatCVE
added 2026/05/27 8:14 p.m.16 views

CVE-2026-9412

A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access controls. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.18 views

CVE-2026-9414

A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/addorder.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customername results in cross sit...

5.1CVSS4.2AI score0.00191EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.11 views

CVE-2026-9411

A vulnerability was found in SourceCodester Indian Invoicing System 1.0. This issue affects some unknown processing of the file /Invoicing/IGSTInvoice.php of the component Invoice Generation Handler. Performing a manipulation of the argument customername/category results in sql injection. The...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 2:13 p.m.12 views

CVE-2026-9413

A vulnerability was identified in SourceCodester Indian Invoicing System 1.0. The affected element is an unknown function of the file /Invoicing/category.php. The manipulation of the argument msg leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly availabl...

5.3CVSS4.2AI score0.00263EPSS
Exploits0References1
NVD
NVD
added 2026/05/25 2:16 a.m.28 views

CVE-2026-9413

A vulnerability was identified in SourceCodester Indian Invoicing System 1.0. The affected element is an unknown function of the file /Invoicing/category.php. The manipulation of the argument msg leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly availabl...

5.3CVSS0.00263EPSS
Exploits0References5
NVD
NVD
added 2026/05/25 2:16 a.m.18 views

CVE-2026-9414

A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/addorder.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customername results in cross sit...

5.1CVSS0.00191EPSS
Exploits0References5
NVD
NVD
added 2026/05/25 2:16 a.m.19 views

CVE-2026-9412

A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access controls. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

6.5CVSS0.00201EPSS
Exploits0References5
NVD
NVD
added 2026/05/25 2:16 a.m.16 views

CVE-2026-9411

A vulnerability was found in SourceCodester Indian Invoicing System 1.0. This issue affects some unknown processing of the file /Invoicing/IGSTInvoice.php of the component Invoice Generation Handler. Performing a manipulation of the argument customername/category results in sql injection. The...

6.5CVSS0.00192EPSS
Exploits0References5
CVE
CVE
added 2026/05/25 1:30 a.m.22 views

CVE-2026-9414

CVE-2026-9414 affects SourceCodester’s Indian Invoicing System (invoices module) specifically the Invoice Template Render Database-Backed component. A vulnerability in add_order.php allows manipulation of the customer_name parameter to trigger cross-site scripting (XSS). The flaw is exploitable r...

5.1CVSS4.2AI score0.00191EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 1:30 a.m.12 views

EUVD-2026-31616

A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/addorder.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customername results in cross sit...

5.1CVSS4.2AI score0.00191EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 1:30 a.m.7 views

CVE-2026-9414

A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/addorder.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customername results in cross sit...

5.1CVSS4.2AI score0.00191EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/25 1:30 a.m.40 views

CVE-2026-9414 SourceCodester Indian Invoicing System Invoice Template Render Database-Backed add_order.php cross site scripting

A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/addorder.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customername results in cross sit...

5.1CVSS0.00191EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/25 1:30 a.m.7 views

CVE-2026-9414 SourceCodester Indian Invoicing System Invoice Template Render Database-Backed add_order.php cross site scripting

A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/addorder.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customername results in cross sit...

5.1CVSS4.2AI score0.00191EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 1:15 a.m.25 views

EUVD-2026-31615

A vulnerability was identified in SourceCodester Indian Invoicing System 1.0. The affected element is an unknown function of the file /Invoicing/category.php. The manipulation of the argument msg leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly availabl...

5.3CVSS4.2AI score0.00263EPSS
Exploits0References5
CVE
CVE
added 2026/05/25 1:15 a.m.23 views

CVE-2026-9413

SourceCodester Indian Invoicing System 1.0 is affected by a cross-site scripting (XSS) flaw in the /Invoicing/category.php file. The vulnerability stems from manipulation of the message parameter (msg) that enables remote execution of an attacker-supplied script. Public exploit code exists. No re...

5.3CVSS4.2AI score0.00263EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 1:15 a.m.8 views

CVE-2026-9413

A vulnerability was identified in SourceCodester Indian Invoicing System 1.0. The affected element is an unknown function of the file /Invoicing/category.php. The manipulation of the argument msg leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly availabl...

5.3CVSS4.2AI score0.00263EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/25 1:0 a.m.9 views

CVE-2026-9412 SourceCodester Indian Invoicing System Backend Endpoint access control

A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access controls. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/25 1:0 a.m.35 views

CVE-2026-9412 SourceCodester Indian Invoicing System Backend Endpoint access control

A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access controls. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

6.5CVSS0.00201EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 1:0 a.m.17 views

EUVD-2026-31613

A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access controls. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 1:0 a.m.7 views

CVE-2026-9412

A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access controls. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder