229 matches found
CVE-2025-67084
File upload vulnerability in InvoicePlane through 1.6.3 allows authenticated attackers to upload arbitrary PHP files into attachments, which can later be executed remotely, leading to Remote Code Execution RCE...
CVE-2025-67082
An SQL injection vulnerability in InvoicePlane through 1.6.3 has been identified in "maxQuantity" and "minQuantity" parameters when generating a report. An authenticated attacker can exploit this issue via error-based SQL injection, allowing for the extraction of arbitrary data from the database...
PT-2026-3026
Name of the Vulnerable Software and Affected Versions InvoicePlane versions through 1.6.3 Description An SQL injection issue exists in InvoicePlane. The problem is found in the maxQuantity and minQuantity parameters when generating a report. A user with valid credentials can exploit this by using...
CVE-2025-64012
InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data...
EUVD-2025-203770
InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data...
CVE-2025-64012
InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data...
PT-2025-51684
Name of the Vulnerable Software and Affected Versions InvoicePlane versions prior to commit debb446c Description The software contains an issue related to incorrect access control. Specifically, the invoices/view handler does not properly verify ownership before disclosing invoice data. This coul...
CVE-2025-64012
InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data...
CVE-2025-64012
InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data...
InvoicePlane 安全漏洞
InvoicePlane is an application from InvoicePlane Open Source. Provides a self-hosted open source application for managing your quotes, invoices, customers and payments. InvoicePlane suffers from a security vulnerability that stems from improper access control and could lead to invoice data leakag...
CVE-2025-64012
CVE-2025-64012 affects InvoicePlane. The vulnerability is an Incorrect Access Control flaw in the invoices/view handler where ownership is not verified before returning invoice data, potentially leaking invoice information. Root cause is lack of ownership verification around invoice data disclosu...
EUVD-2017-1507
Malware in sbrugna...
EUVD-2021-15669
Malware in sbrugna...
EUVD-2019-16767
Malware in sbrugna...
EUVD-2017-1506
Malware in sbrugna...
EUVD-2021-15670
Malware in sbrugna...
EUVD-2021-15668
Malware in sbrugna...
EUVD-2018-4233
Malware in sbrugna...
EUVD-2017-9349
Malware in sbrugna...
EUVD-2024-50890
Malicious code in bioql PyPI...