CVE-2026-29925

Invoice Ninja v5.12.46 and v5.12.48 is vulnerable to Server-Side Request Forgery SSRF in CheckDatabaseRequest.php...

Server-side Request Forgery (SSRF)

Overview hillelcoren/invoice-ninja is an Invoices, expenses & time-tracking built with Laravel Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the CheckDatabaseRequest.php process. An attacker can make unauthorized requests to internal or external systems ...

CVE-2026-29925

Invoice Ninja v5.12.46 and v5.12.48 is vulnerable to Server-Side Request Forgery SSRF in CheckDatabaseRequest.php...

CVE-2026-29925

Invoice Ninja v5.12.46 and v5.12.48 is vulnerable to Server-Side Request Forgery SSRF in CheckDatabaseRequest.php...

CVE-2026-29925

Invoice Ninja v5.12.46 and v5.12.48 are vulnerable to Server-Side Request Forgery (SSRF) in the file CheckDatabaseRequest.php . The provided documents identify the affected versions and the vulnerability class but do not include exploit details, specific endpoint/condition, or remediation steps. ...

CVE-2026-29925

Invoice Ninja v5.12.46 and v5.12.48 is vulnerable to Server-Side Request Forgery SSRF in CheckDatabaseRequest.php...

Fiyo CMS Arbitrary File Deletion Vulnerability (CNVD-2017-26594)

Fiyo CMS is a content management system CMS for creating CMS templates. A security vulnerability exists in the dapur\apps\appconfig\controller\backuper.php file in Fiyo CMS version 2.0.7. The vulnerability can be exploited by a remote attacker to delete arbitrary files using the 'file' parameter ...

PHP PDO out-of-boundaures access

Out-of-bounds access via precompiled database request...

CVE-2008-6493

Easy Content Management Publishing stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database/News.mdb...

CVE-2001-1454

Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request...