Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
invoiceninja invoice ninja vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-33898
In Invoice Ninja prior to 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories/AccountRepository.php that may allow an malicious user to deserialize arbitrary PHP classes. In certain contexts, this can result in remote code execution. The attacker's inpu...
Invoiceninja Invoice Ninja
3.5
CVSSv2
CVE-2021-3977
invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Invoiceninja Invoice Ninja
3.5
CVSSv2
CVE-2017-1000466
Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, which can result in disruption of service and execution of javascript code.
Invoiceninja Invoice Ninja 3.8.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started