In Invoice Ninja prior to 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories/AccountRepository.php that may allow a malicious user to deserialize arbitrary PHP classes. In certain contexts, this can result in remote code execution. The attacker's input must be hosted at www.geoplugin.net (cleartext HTTP), and thus a successful attack requires spoofing that site or obtaining control of it.
Vulnerable Product |
---|
invoiceninja invoice ninja |
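As an added illustration (not Invoice Ninja's code and not its 4.4.0 fix), the risky pattern the advisory describes next to a hardened variant that disables class instantiation and whitelists the fields it uses; the function names, URL parameters and sample payloads are constructed for this example.

```php
<?php
// Added example, not code from Invoice Ninja. Function names and the
// sample payloads below are constructed for illustration.

// Risky pattern: a response fetched over cleartext HTTP from a third party
// is handed straight to unserialize(). Anyone who controls or spoofs that
// host decides which PHP classes get instantiated in this process.
function lookupGeoUnsafe(string $ip): ?array
{
    $raw = @file_get_contents('http://www.geoplugin.net/php.gp?ip=' . urlencode($ip));
    if ($raw === false) {
        return null;
    }
    $data = unserialize($raw); // arbitrary objects may be created here
    return is_array($data) ? $data : null;
}

// Hardened parser: allowed_classes => false turns any serialized object
// into __PHP_Incomplete_Class (never a real class), so non-array payloads
// are rejected, and only the scalar fields we actually need are copied out.
function parseGeoPayload(string $raw): ?array
{
    $data = @unserialize($raw, ['allowed_classes' => false]);
    if (!is_array($data)) {
        return null;
    }
    $out = [];
    foreach (['geoplugin_countryCode', 'geoplugin_city'] as $key) {
        if (isset($data[$key]) && is_scalar($data[$key])) {
            $out[$key] = (string) $data[$key];
        }
    }
    return $out;
}

// Same lookup with the hardened parser. Transport integrity (the cleartext
// HTTP precondition in the advisory) is a separate control: the serialized
// format still never gets to instantiate classes regardless of who answers.
function lookupGeoSafe(string $ip): ?array
{
    $raw = @file_get_contents('http://www.geoplugin.net/php.gp?ip=' . urlencode($ip));
    return $raw === false ? null : parseGeoPayload($raw);
}

// Constructed samples: a serialized object (rejected) and a plain array (accepted).
$objectPayload = 'O:8:"stdClass":1:{s:3:"foo";s:3:"bar";}';
$arrayPayload  = 'a:1:{s:21:"geoplugin_countryCode";s:2:"US";}';
var_dump(parseGeoPayload($objectPayload));
var_dump(parseGeoPayload($arrayPayload));
```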