CVE-2026-12131 | CodeAstro Human Resource Management System 1.0 Payroll Invoice Payroll.php ID sql injection

Inserito da Angelo Barbosa | Giu 12, 2026 | CVE

A vulnerability was found in CodeAstro Human Resource Management System 1.0. It has been rated as critical. This vulnerability affects the function Invoice of the file applicationcontrollersPayroll.php of the component Payroll Invoice Module. This manipulation of the argument ID causes sql injection.

This vulnerability is registered as CVE-2026-12131. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2026-12131 | CodeAstro Human Resource Management System 1.0 Payroll Invoice Payroll.php ID sql injection

Post correlati

CVE-2024-21803 | Linux Kernel up to 6.7 Bluetooth Module use after free

CVE-2024-55885 | beego up to 2.3.3 weak hash (GHSA-9j3m-fr7q-jxfw)

CVE-2025-54792 | LocalSend up to 1.17.0 channel accessible (GHSA-424h-5f6m-x63f)

CVE-2026-3838 | Unraid 6.8.0/7.0.0/7.0.1 Request Path path traversal