Browse all 125 CVE security advisories affecting CodeAstro. AI-powered Chinese analysis, POCs, and references for each vulnerability.
CodeAstro operates as a software development and IT services provider, primarily focusing on custom application development and digital transformation solutions for enterprise clients. Security audits have identified a significant volume of vulnerabilities within its ecosystem, with 122 CVEs currently on record. These flaws predominantly involve remote code execution and cross-site scripting, indicating persistent weaknesses in input validation and session management across various deployed modules. Additionally, several instances of privilege escalation have been documented, suggesting inadequate access control mechanisms in legacy systems. While no single catastrophic breach has been publicly attributed solely to CodeAstro, the high frequency of critical severity ratings highlights systemic issues in their secure development lifecycle. Recent patches have addressed some remote execution vectors, yet the sheer number of outstanding issues necessitates rigorous third-party security assessments to mitigate ongoing risks for dependent organizations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-1268 | CodeAstro Restaurant POS System update_product.php unrestricted upload — Restaurant POS SystemCWE-434 | 6.3 | Medium | 2024-02-07 |
| CVE-2024-1267 | CodeAstro Restaurant POS System create_account.php cross site scripting — Restaurant POS SystemCWE-79 | 3.5 | Low | 2024-02-07 |
This page lists every published CVE security advisory associated with CodeAstro. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.