CVE-2025-67082

The CVE-2025-67082 entry concerns InvoicePlane versions up to 1.6.3. The vulnerability is an SQL injection in the maxQuantity and minQuantity parameters when generating a report, exploitable via error-based SQL injection by an authenticated user. The issue stems from insufficient sanitization of ...

CVE-2025-67082

An SQL injection vulnerability in InvoicePlane through 1.6.3 has been identified in "maxQuantity" and "minQuantity" parameters when generating a report. An authenticated attacker can exploit this issue via error-based SQL injection, allowing for the extraction of arbitrary data from the database...

MAL-2025-47688 Malicious code in max-quantity (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in max-quantity (npm)

--- -= Per source details. Do not edit below this line.=-...

WordPress Min and Max Quantity for WooCommerce Plugin <= 1.3.2.6 is vulnerable to Broken Access Control

Software Min and Max Quantity for WooCommerce Type Plugin Vulnerable versions = 1.3.2.6 Fixed in 1.3.2.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-45813 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID d01f544d9c9e Credits Istv...