CVE-2026-7107 | code-projects Invoice System in Laravel 1.0 /company logo unrestricted upload

Inserito da Angelo Barbosa | Apr 26, 2026 | CVE

A vulnerability was found in code-projects Invoice System in Laravel 1.0. It has been classified as critical. The impacted element is an unknown function of the file /company. This manipulation of the argument logo causes unrestricted upload.

This vulnerability is tracked as CVE-2026-7107. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-7107 | code-projects Invoice System in Laravel 1.0 /company logo unrestricted upload

Post correlati

CVE-2024-9837 | AADMY Plugin up to 2.0.1 on WordPress Shortcode Remote Code Execution

CVE-2024-1171 | wpdevteam Essential Addons for Elementor Plugin up to 5.9.8 on WordPress Filterable Gallery Widget cross site scripting

CVE-2024-49385 | Acronis True Image up to 41396 on Windows permission assignment

CVE-2025-27826 | Bootstrap Lite Theme prior 1.x-1.4.5 on Backdrop cross site scripting (core-2025-005)