CVE-2026-0649 invoiceninja Migration Import Import.php copy server-side request forgery

A security vulnerability has been detected in invoiceninja up to 5.12.38. The affected element is the function copy of the file /app/Jobs/Util/Import.php of the component Migration Import. The manipulation of the argument companylogo leads to server-side request forgery. It is possible to initiat...

CVE-2026-0649 invoiceninja Migration Import Import.php copy server-side request forgery

A security vulnerability has been detected in invoiceninja up to 5.12.38. The affected element is the function copy of the file /app/Jobs/Util/Import.php of the component Migration Import. The manipulation of the argument companylogo leads to server-side request forgery. It is possible to initiat...

Invoice Ninja 代码问题漏洞

Invoice Ninja is a free invoicing software from Invoice Ninja USA. A code issue vulnerability exists in Invoice Ninja version 5.12.38 and earlier, which stems from the incorrect manipulation of the parameter companylogo in the file /app/Jobs/Util/Import.php of the component Migration Import, whic...

PT-2026-1550

Name of the Vulnerable Software and Affected Versions invoiceninja versions prior to 5.12.38 Description A security issue exists in invoiceninja. The issue involves server-side request forgery SSRF stemming from manipulation of the company logo argument within the copy function of the...

WordPress plugin qTranslate X Cleanup and WPML Import 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...