CVE-2025-67083 | InvoicePlane up to 1.6.3 Configuration path traversal

Inserito da Angelo Barbosa | Gen 15, 2026 | CVE

A vulnerability classified as critical was found in InvoicePlane up to 1.6.3. Affected by this issue is some unknown functionality of the component Configuration Handler. Executing a manipulation can lead to path traversal.

This vulnerability is registered as CVE-2025-67083. It is possible to launch the attack remotely. No exploit is available.

CVE-2025-67083 | InvoicePlane up to 1.6.3 Configuration path traversal

Post correlati

CVE-2024-40125 | Closed-Loop Technology CLESS Server 4.5.2 PHP unrestricted upload

CVE-2024-13792 | Ex-Themes WooCommerce Food Plugin up to 3.3.2 on WordPress Shortcode code injection

CVE-2024-24725 | Gibbon up to 26.0.00 POST Request import_run.php&type=externalAssessment&step=4 columnOrder deserialization (Exploit 51903 / EDB-51903)

CVE-2024-13138 | wangl1989 mysiteforme 1.0 LocalUploadServiceImpl upload test unrestricted upload