Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invoiceninja invoice ninja vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2021-33898
In Invoice Ninja prior to 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories/AccountRepository.php that may allow an malicious user to deserialize arbitrary PHP classes. In certain contexts, this can result in remote code execution. The attacker's inpu...
Invoiceninja Invoice Ninja
5.4
CVSSv3
CVE-2021-3977
invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Invoiceninja Invoice Ninja
5.4
CVSSv3
CVE-2017-1000466
Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, which can result in disruption of service and execution of javascript code.
Invoiceninja Invoice Ninja 3.8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started