CVE-2025-67082 | InvoicePlane up to 1.6.3 maxQuantity/minQuantity sql injection

Inserito da Angelo Barbosa | Gen 15, 2026 | CVE

A vulnerability classified as critical has been found in InvoicePlane up to 1.6.3. Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument maxQuantity/minQuantity results in sql injection.

This vulnerability is cataloged as CVE-2025-67082. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-67082 | InvoicePlane up to 1.6.3 maxQuantity/minQuantity sql injection

Post correlati

CVE-2024-9981 | FormosaSoft ee-class prior 20240326.13r14494 filename control

CVE-2023-47321 | Silverpeas Core 6.3.1 Porlet Deployer access control

CVE-2025-1165 | Lumsoft ERP 8 /Api/FileUploadApi.ashx DoUpload/DoWebUpload file unrestricted upload

CVE-2023-36391 | Microsoft Windows 11 23H2 Local Security Authority Subsystem Service Local Privilege Escalation