CVE-2026-7109

· NIST NVD ↗

A vulnerability was detected in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /item of the component API Endpoint. Performing a manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit is now public and may be used.

MEDIUM
CVSS severity
5.3
CVSS base score
2026-04-27
Published

CWE codes

CWE-266CWE-285

Sources