CVE-2026-11559

Publié : 8 juin 2026

Modifié : 8 juin 2026

Score CVSS

6.3

MEDIUM

Description détaillée

A vulnerability was detected in CodeAstro Payroll System 1.0. This affects an unknown function of the file /view_account.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.

Vecteur d'attaque (CVSS)

Vecteur brut :CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Références et Patchs

https://codeastro.com/https://github.com/Andelstander/cve/issues/1 https://vuldb.com/cve/CVE-2026-11559 https://vuldb.com/submit/836791 https://vuldb.com/vuln/369169 https://vuldb.com/vuln/369169/cti

Dernières Vulnérabilités

CVE-2026-11701

Inappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

VOIR DÉTAILS

CVE-2026-11700

Use after free in Tracing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

VOIR DÉTAILS

CVE-2026-11699

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

VOIR DÉTAILS