Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Invoice Ninja PDF Rendering Server Side Request Forgery
Vulnerability Description
Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for arbitrary file read and network resource requests as the application user. This issue affects Invoice Ninja: from 5.8.56 through 5.11.23.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Invoice Ninja 代码问题漏洞
Vulnerability Description
Invoice Ninja是Invoice Ninja开源的一个使用 Laravel 构建的可用发票、报价、项目和时间跟踪应用程序。 Invoice Ninja 5.8.56版本至5.11.23版本存在代码问题漏洞。攻击者利用该漏洞可以读取任意文件和请求任意网络资源。
CVSS Information
N/A
Vulnerability Type
N/A