34 matches found
CVE-2026-34366
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Payment receipt PDF generation module. User-supplied HTML in the payment Notes...
CVE-2026-34366
CVE-2026-34366 affects InvoiceShelf prior to v2.2.0. An SSRF exists in the Payment receipt PDF generation module where user-supplied HTML in the Notes field is passed unsanitised to the Dompdf renderer, allowing remote resources to be fetched. The issue is exploitable directly via the PDF receipt...
CVE-2026-34366 InvoiceShelf: SSRF in Payment Receipt PDF Rendering via Unsanitised HTML in Notes Field
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Payment receipt PDF generation module. User-supplied HTML in the payment Notes...
CVE-2026-34366
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Payment receipt PDF generation module. User-supplied HTML in the payment Notes...
CVE-2026-34366 InvoiceShelf: SSRF in Payment Receipt PDF Rendering via Unsanitised HTML in Notes Field
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Payment receipt PDF generation module. User-supplied HTML in the payment Notes...
Threat Outbreak Alert RuleID30307: Email Messages Distributing Malicious Software on August 24, 2017
Medium Alert ID: 54938 First Published: 2017 August 24 17:14 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30307 may contain the following files: Name |...
Dridex and Locky Return Via PDF Attachments in Latest Campaigns
Dridex and Locky, two prolific malware families that made waves in 2016 after being distributed in several high-volume spam campaigns, have returned after a brief hiatus. FireEye observed a decline in the volume of Dridex and Locky in the latter half of 2016, but we recently observed two new larg...
Tax-themed phishing and malware attacks proliferate during the tax filing season
Tax-themed scams and social engineering attacks are as certain as death or tax itself. Every year we see these attacks, and 2017 is no different. These attacks circulate year-round as cybercriminals take advantage of the different country and region tax schedules, but they peak in the months...
Threat Outbreak Alert RuleID25094: Email Messages Distributing Malicious Software on September 18, 2016
Medium Alert ID: 48943 First Published: 2016 September 19 13:02 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID25094 may contain the following files: Name ...
Threat Outbreak Alert RuleID22154: Email Messages Distributing Malicious Software on August 31, 2016
Medium Alert ID: 44562 First Published: 2016 April 8 18:54 GMT Last Updated: 2016 September 1 13:22 GMT Version: 23 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID22154 a...
Threat Outbreak Alert RuleID22100: Email Messages Distributing Malicious Software on April 5, 2016
Medium Alert ID: 44503 First Published: 2016 April 6 13:51 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID22100 may contain the following files: Name | Siz...
Threat Outbreak Alert RuleID22066: Email Messages Distributing Malicious Software on April 3, 2016
Medium Alert ID: 44475 First Published: 2016 April 4 13:14 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID22066 may contain the following files: Name | Siz...
Coinbase: Inaccurate Payment receipt
This was a UI issue...
Threat Outbreak Alert RuleID21450: Email Messages Distributing Malicious Software on March 9, 2016
Medium Alert ID: 43908 First Published: 2016 March 8 14:52 GMT Last Updated: 2016 March 10 13:11 GMT Version: 2 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID21450 and...
Threat Outbreak Alert RuleID19918: Email Messages Distributing Malicious Software on December 5, 2015
Medium Alert ID: 42537 First Published: 2015 December 7 14:15 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID19918 may contain the following files: Name |...
Threat Outbreak Alert RuleID19849: Email Messages Distributing Malicious Software on December 3, 2015
Medium Alert ID: 42479 First Published: 2015 December 3 13:20 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID19849 may contain the following files: Name |...
Threat Outbreak Alert RuleID17656: Email Messages Distributing Malicious Software on August 29, 2015
Medium Alert ID: 40731 First Published: 2015 August 31 13:46 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID17656 may contain the following files: Name |...
Threat Outbreak Alert RuleID13734: Email Messages Distributing Malicious Software on February 26, 2015
Medium Alert ID: 37604 First Published: 2015 February 26 18:46 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID13734 may contain the following files: Name |...
Threat Outbreak Alert RuleID12643: Email Messages Distributing Malicious Software on December 1, 2014
Medium Alert ID: 36558 First Published: 2014 December 1 17:30 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID12643 may contain the following files: Name |...
Threat Outbreak Alert: Fake Payment Receipt Notification Email Messages on April 28, 2014
Medium Alert ID: 33977 First Published: 2014 April 29 18:26 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a payment receipt for the recipient. The text in the email message attempts to convince the recipient to open th...