CVE-2026-7091

· NIST NVD ↗

A flaw has been found in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /user of the component User Management Handler. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used.

MEDIUM
CVSS severity
6.3
CVSS base score
2026-04-27
Published

CWE codes

CWE-266CWE-285

Sources