Lucene search
K

CVE-2024-55555

🗓️ 07 Jan 2025 00:00:00Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 182 Views🌐 WEB

Remote code execution in Invoice Ninja due to APP_KEY exposure in pre-authenticated routes.

Related
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today
Invoice Ninja 5.10.10 Insecure Deserialization / Remote Code Execution Exploit
25 Feb 202500:00
zdt
GithubExploit
Exploit for CVE-2024-55555
31 Jul 202523:46
githubexploit
Circl
CVE-2024-55555
7 Jan 202516:43
circl
CNNVD
Invoice Ninja 代码问题漏洞
7 Jan 202500:00
cnnvd
Cvelist
CVE-2024-55555
7 Jan 202500:00
cvelist
Metasploit
Invoice Ninja unauthenticated PHP Deserialization Vulnerability
25 Feb 202518:53
metasploit
NVD
CVE-2024-55555
7 Jan 202517:15
nvd
OSV
CVE-2024-55555
7 Jan 202500:00
osv
Packet Storm
Invoice Ninja 5.10.10 Insecure Deserialization / Remote Code Execution
25 Feb 202500:00
packetstorm
Packet Storm
📄 Invoice Ninja 5.8.22 PHP Code Injection
17 Dec 202500:00
packetstorm
Rows per page
ParameterPositionPathDescriptionCWE
hashpathroute/{hash}Unauthenticated PHP deserialization via route/{hash} that accepts a Laravel ciphered value and unsafe unserialization leading to RCE when APP_KEY is knownCWE-502

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 08:11Current
8.2High risk
Vulners AI Score8.2
CVSS 3.18.8
EPSS0.06611
SSVC
182