CVE-2026-7093

Name of the Vulnerable Software and Affected Versions code-projects Invoice System in Laravel version 1.0

Description An improper authorization flaw exists in the Invoice Endpoint component within the '/invoice/' file. By manipulating the ID parameter, a remote attacker can bypass access controls to expose or alter invoice-related data. This is an Insecure Direct Object Reference (IDOR), which occurs when an application provides direct access to objects based on user-supplied input.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.