Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Invoice Ninja before 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories/AccountRepository.php that may allow an attacker to deserialize arbitrary PHP classes. In certain contexts, this can result in remote code execution. The attacker's input must be hosted at http://www.geoplugin.net (cleartext HTTP), and thus a successful attack requires spoofing that site or obtaining control of it.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Invoice Ninja 代码问题漏洞
Vulnerability Description
invoiceninja是Github开源的应用软件一个用 Laravel 和 Flutter 构建的开源发票应用 Invoice Ninja在4.4.0之前存在安全漏洞,该漏洞允许攻击者可利用该漏洞反序列化任意PHP类。
CVSS Information
N/A
Vulnerability Type
N/A