All 2 CVE vulnerabilities found in Invoice Generator, with AI-generated Chinese analysis, references, and POCs.
Vendor: pravel
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-12415 | Invoice Generator <= 1.0.0 - Unauthenticated Privilege Escalation via Account Takeover via 'user_id' Parameter CWE-269 | 9.8 | Critical | 2026-06-27 |
| CVE-2026-12416 | Invoice Generator <= 1.0.0 - Unauthenticated Account Takeover via Weak Password Reset Validation via 'reset_user_id' Parameter CWE-640 | 9.8 | Critical | 2026-06-24 |
All 2 known CVE vulnerabilities affecting Invoice Generator with full Chinese analysis, references, and POCs where available.