CVE-2026-9411

A vulnerability was found in SourceCodester Indian Invoicing System 1.0. This issue affects some unknown processing of the file /Invoicing/IGST_Invoice.php of the component Invoice Generation Handler. Performing a manipulation of the argument customer_name/category results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.

More information : https://gist.github.com/c4ttr4ck/f60dfb9fc65a98ad6dde1840dc2c1a5e