Search
Search Results (4 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-9414 | 1 Sourcecodester | 1 Indian Invoicing System | 2026-05-25 | 3.5 Low |
| A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/add_order.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customer_name results in cross site scripting. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-9413 | 1 Sourcecodester | 1 Indian Invoicing System | 2026-05-25 | 4.3 Medium |
| A vulnerability was identified in SourceCodester Indian Invoicing System 1.0. The affected element is an unknown function of the file /Invoicing/category.php. The manipulation of the argument msg leads to cross site scripting. The attack may be initiated remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-9412 | 1 Sourcecodester | 1 Indian Invoicing System | 2026-05-25 | 6.3 Medium |
| A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access controls. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Multiple endpoints are affected. | ||||
| CVE-2026-9411 | 1 Sourcecodester | 1 Indian Invoicing System | 2026-05-25 | 6.3 Medium |
| A vulnerability was found in SourceCodester Indian Invoicing System 1.0. This issue affects some unknown processing of the file /Invoicing/IGST_Invoice.php of the component Invoice Generation Handler. Performing a manipulation of the argument customer_name/category results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used. | ||||
Page 1 of 1.