VYPR

Invoice System

by Code Projects

CVEs (7)

  • CVE-2026-7107MedApr 27, 2026
    risk 0.41cvss 6.3epss 0.00

    A weakness has been identified in code-projects Invoice System in Laravel 1.0. The impacted element is an unknown function of the file /company. This manipulation of the argument logo causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has…

  • CVE-2026-7093MedApr 27, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was found in code-projects Invoice System in Laravel 1.0. Affected by this vulnerability is an unknown functionality of the file /invoice/ of the component Invoice Endpoint. Performing a manipulation of the argument ID results in improper authorization. The…

  • CVE-2026-7092MedApr 27, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /profile/ of the component Profile Handler. Such manipulation of the argument ID leads to improper authorization. The attack can be executed remotely. The…

  • CVE-2026-7091MedApr 27, 2026
    risk 0.41cvss 6.3epss 0.00

    A flaw has been found in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /user of the component User Management Handler. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been…

  • CVE-2026-7109MedApr 27, 2026
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was detected in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /item of the component API Endpoint. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit…

  • CVE-2026-7108MedApr 27, 2026
    risk 0.28cvss 4.3epss 0.00

    A security vulnerability has been detected in code-projects Invoice System in Laravel 1.0. This affects an unknown function. Such manipulation leads to cross-site request forgery. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.

  • CVE-2026-7110LowApr 27, 2026
    risk 0.23cvss 3.5epss 0.00

    A flaw has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /item. Executing a manipulation of the argument item name/description can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has…