CVE Catalog

CVE-2026-11559

MediumCVSS 6.3
Published: Updated: Translated: NVD NIST

Summary

A vulnerability was detected in CodeAstro Payroll System 1.0 affecting an unknown function of the file /view_account.php. Manipulation of the argument ID results in SQL injection, which can be performed remotely.

Risk Assessment

An attacker may exploit this vulnerability to gain unauthorized access to the database, potentially leading to data leakage or modification.

Recommendation

It is recommended to immediately update the system to the latest version and implement input data filtering to prevent SQL injection.

Original NVD description (English source)

A vulnerability was detected in CodeAstro Payroll System 1.0. This affects an unknown function of the file /view_account.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is now public and may be used.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS