CVE-2026-7092 | code-projects Invoice System in Laravel 1.0 Profile /profile/ ID improper authorization

Inserito da Angelo Barbosa | Apr 26, 2026 | CVE

A vulnerability was found in code-projects Invoice System in Laravel 1.0. It has been declared as critical. Affected is an unknown function of the file /profile/ of the component Profile Handler. Such manipulation of the argument ID leads to improper authorization.

This vulnerability is documented as CVE-2026-7092. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2026-7092 | code-projects Invoice System in Laravel 1.0 Profile /profile/ ID improper authorization

Post correlati

CVE-2024-49944 | Linux Kernel up to 6.11.2 sctp_listen_start null pointer dereference

CVE-2025-22280 | revmakx DefendWP Firewall Plugin up to 1.1.0 on WordPress authorization

CVE-2026-24948 | Reflector Plugin up to 1.2.2 on WordPress cross site scripting

CVE-2026-31014 | Dovestones AD Self Update up to 4.0.0.4 Endpoint cross-site request forgery