Browse all 124 CVE security advisories affecting CodeAstro. AI-powered Chinese analysis, POCs, and references for each vulnerability.
CodeAstro operates as a software development and IT services provider, primarily focusing on custom application development and digital transformation solutions for enterprise clients. Security audits have identified a significant volume of vulnerabilities within its ecosystem, with 122 CVEs currently on record. These flaws predominantly involve remote code execution and cross-site scripting, indicating persistent weaknesses in input validation and session management across various deployed modules. Additionally, several instances of privilege escalation have been documented, suggesting inadequate access control mechanisms in legacy systems. While no single catastrophic breach has been publicly attributed solely to CodeAstro, the high frequency of critical severity ratings highlights systemic issues in their secure development lifecycle. Recent patches have addressed some remote execution vectors, yet the sheer number of outstanding issues necessitates rigorous third-party security assessments to mitigate ongoing risks for dependent organizations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13280 | CodeAstro Simple Inventory System Login index.php sql injection — Simple Inventory SystemCWE-89 | 7.3 | High | 2025-11-17 |
This page lists every published CVE security advisory associated with CodeAstro. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.