Lucene search
K

229 matches found

OSV
OSV
added 2026/01/15 12:0 a.m.4 views

CVE-2025-67084

File upload vulnerability in InvoicePlane through 1.6.3 allows authenticated attackers to upload arbitrary PHP files into attachments, which can later be executed remotely, leading to Remote Code Execution RCE...

9.9CVSS7.5AI score0.004EPSS
Exploits1References4
OSV
OSV
added 2026/01/15 12:0 a.m.2 views

CVE-2025-67082

An SQL injection vulnerability in InvoicePlane through 1.6.3 has been identified in "maxQuantity" and "minQuantity" parameters when generating a report. An authenticated attacker can exploit this issue via error-based SQL injection, allowing for the extraction of arbitrary data from the database...

6.5CVSS7.9AI score0.00271EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.4 views

PT-2026-3026

Name of the Vulnerable Software and Affected Versions InvoicePlane versions through 1.6.3 Description An SQL injection issue exists in InvoicePlane. The problem is found in the maxQuantity and minQuantity parameters when generating a report. A user with valid credentials can exploit this by using...

6.5CVSS7.4AI score0.00271EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/12/17 8:7 a.m.6 views

CVE-2025-64012

InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data...

4.3CVSS6.9AI score0.00253EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/16 6:31 p.m.4 views

EUVD-2025-203770

InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data...

5.3CVSS6.4AI score0.00253EPSS
Exploits1References3
NVD
NVD
added 2025/12/16 4:15 p.m.5 views

CVE-2025-64012

InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data...

4.3CVSS0.00253EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.4 views

PT-2025-51684

Name of the Vulnerable Software and Affected Versions InvoicePlane versions prior to commit debb446c Description The software contains an issue related to incorrect access control. Specifically, the invoices/view handler does not properly verify ownership before disclosing invoice data. This coul...

4.3CVSS6.3AI score0.00253EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/16 12:0 a.m.28 views

CVE-2025-64012

InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data...

0.00253EPSS
Exploits1References2
OSV
OSV
added 2025/12/16 12:0 a.m.4 views

CVE-2025-64012

InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data...

4.3CVSS6.8AI score0.00253EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.8 views

InvoicePlane 安全漏洞

InvoicePlane is an application from InvoicePlane Open Source. Provides a self-hosted open source application for managing your quotes, invoices, customers and payments. InvoicePlane suffers from a security vulnerability that stems from improper access control and could lead to invoice data leakag...

4.3CVSS6.5AI score0.00253EPSS
Exploits1References2
CVE
CVE
added 2025/12/16 12:0 a.m.12 views

CVE-2025-64012

CVE-2025-64012 affects InvoicePlane. The vulnerability is an Incorrect Access Control flaw in the invoices/view handler where ownership is not verified before returning invoice data, potentially leaking invoice information. Root cause is lack of ownership verification around invoice data disclosu...

4.3CVSS6.5AI score0.00253EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-1507

Malware in sbrugna...

5.4CVSS6AI score0.00476EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-15669

Malware in sbrugna...

5.3CVSS5.4AI score0.00844EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-16767

Malware in sbrugna...

5.4CVSS5.6AI score0.00667EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-1506

Malware in sbrugna...

8.8CVSS8.8AI score0.0107EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-15670

Malware in sbrugna...

7.5CVSS7.5AI score0.01353EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-15668

Malware in sbrugna...

5.3CVSS5.6AI score0.01044EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4233

Malware in sbrugna...

6.1CVSS5.8AI score0.00717EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-9349

Malware in sbrugna...

6.1CVSS6.3AI score0.01307EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-50890

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00543EPSS
Exploits0References5
Rows per page
Query Builder