CVE-2026-9412
Deferred Deferred - Pending Action
Improper Access Control in Indian Invoicing System 1.0

Publication date: 2026-05-25

Last updated on: 2026-05-25

Assigner: VulDB

Description
A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access controls. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Multiple endpoints are affected.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-25
Last Modified
2026-05-25
Generated
2026-06-15
AI Q&A
2026-05-26
EPSS Evaluated
2026-06-14
NVD
CVE-2026-9412
EUVD
EUVD-2026-31613
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
sourcecodester indian_invoicing_system 1.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the SourceCodester Indian Invoicing System 1.0, specifically in an unknown function of the Backend Endpoint component. It allows an attacker to manipulate the system to bypass or improperly enforce access controls. The attack can be performed remotely and affects multiple endpoints within the system.

Impact Analysis

Exploiting this vulnerability can lead to improper access control, which means unauthorized users might gain access to sensitive parts of the system or data. This could result in data exposure, unauthorized actions, or other security breaches within the invoicing system.

Compliance Impact

The vulnerability in SourceCodester Indian Invoicing System 1.0 involves improper access controls that can be exploited remotely. Such weaknesses in access control mechanisms can potentially lead to unauthorized access to sensitive data.

Improper access controls may impact compliance with standards and regulations like GDPR and HIPAA, which require strict protection of personal and health-related data. Unauthorized access could result in data breaches, violating these regulations' requirements for confidentiality and security.

However, the provided information does not explicitly state the nature of the data affected or the direct compliance implications.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9412. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart