### Key Vulnerability Information

- **CVEs**:
  - CVE-2025-67082
  - CVE-2025-67083
  - CVE-2025-67084
- **Product**: InvoicePlane
- **Severity**: High
- **Affected Version(s)**: ≤ 1.6.3
- **Fixed Version(s)**: 1.6.4
- **Issue**: Multiple security vulnerabilities were identified in InvoicePlane 1.6.3 (the affected range is 1.6.3 and earlier). They comprise an unauthenticated file read, an authenticated SQL injection, and an authenticated arbitrary PHP file upload; the upload may lead to remote code execution (RCE).
- **Timeline**:

| Date | Description |
|---|---|
| 18/08/2025 | Vulnerabilities reported through the GitHub project |
| 21/08/2025 | Response from the vendor; work on fixes started |
| 01/12/2025 | v1.6.4-beta-1 fixes the vulnerabilities |
| 06/01/2026 | CVE identifiers reserved |

- **Technical Details**:
  - **Unauthenticated File Read / CVE-2025-67083**: An unauthenticated attacker can read files from the server through a directory traversal vulnerability.
  - **Authenticated SQL Injection / CVE-2025-67082**: An authenticated user can inject arbitrary SQL commands.
  - **Authenticated Arbitrary PHP File Upload / CVE-2025-67084**: An authenticated user can upload arbitrary PHP files, which may lead to remote code execution.
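The advisory names three vulnerability classes but no endpoints or parameters, so the block below is an added, illustrative example of the defensive patterns for each class plus a version triage check. It is not InvoicePlane's code (InvoicePlane is written in PHP); the upload root, the extension allowlist, the `invoices` table and its sample rows are assumptions made for this example.

```python
import os
import re
import sqlite3

# Assumed upload root for this example; the advisory does not describe
# InvoicePlane's real directory layout.
BASE_DIR = os.path.realpath("/var/www/uploads")

# Assumed allowlist of upload extensions for this example.
ALLOWED_EXT = {"pdf", "png", "jpg", "jpeg"}
# One leading alphanumeric, then a short run of safe characters: no slashes,
# no leading dot (rejects ".htaccess"), no spaces or control characters.
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,99}$")


def is_affected(version):
    """True for versions in the advisory's affected range (<= 1.6.3).

    A pre-release suffix such as '-beta-1' is dropped before comparing, so
    1.6.4-beta-1 is treated as fixed, matching the timeline above.
    """
    core = version.split("-", 1)[0]
    parts = tuple(int(p) for p in core.split("."))
    return parts <= (1, 6, 3)


def safe_join(base, user_path):
    """Resolve user_path under base; return None if the result escapes base.

    Mitigation for the directory traversal class (CVE-2025-67083): realpath
    collapses '..' segments, absolute paths and symlinks, and the resolved path
    must then still sit at or below the resolved base.
    """
    base = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(base, user_path))
    if candidate == base or candidate.startswith(base + os.sep):
        return candidate
    return None


def demo_db():
    """Constructed in-memory table standing in for an invoices table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE invoices (id INTEGER PRIMARY KEY, client TEXT)")
    conn.executemany(
        "INSERT INTO invoices (client) VALUES (?)",
        [("acme",), ("globex",), ("initech",)],
    )
    return conn


def invoices_for_client_unsafe(conn, client):
    """Vulnerable pattern: user input spliced into the SQL text (SQL injection)."""
    rows = conn.execute(
        "SELECT id FROM invoices WHERE client = '%s'" % client
    ).fetchall()
    return [r[0] for r in rows]


def invoices_for_client(conn, client):
    """Hardened form: a bound parameter is always data, never SQL (CVE-2025-67082 class)."""
    rows = conn.execute(
        "SELECT id FROM invoices WHERE client = ?", (client,)
    ).fetchall()
    return [r[0] for r in rows]


def upload_allowed(filename):
    """Accept only a bare filename with exactly one allowlisted extension.

    Rejects 'shell.php', double extensions such as 'shell.php.png', dotfiles
    and any path component: the inputs behind the PHP upload class
    (CVE-2025-67084). Pair this with storing uploads outside the web root or
    in a directory the web server never hands to the PHP interpreter.
    """
    name = os.path.basename(filename.replace("\\", "/"))
    if not SAFE_NAME.match(name):
        return False
    parts = name.lower().split(".")
    return len(parts) == 2 and parts[1] in ALLOWED_EXT


if __name__ == "__main__":
    conn = demo_db()
    payload = "' OR '1'='1"
    print("affected 1.6.3:", is_affected("1.6.3"))
    print("traversal blocked:", safe_join(BASE_DIR, "../../etc/passwd") is None)
    print("unsafe query returns:", invoices_for_client_unsafe(conn, payload))
    print("safe query returns:", invoices_for_client(conn, payload))
    print("shell.php allowed:", upload_allowed("shell.php"))
```

Running the block shows the classic tautology payload returning every row from the string-built query and nothing from the parameterised one. The extension allowlist is a necessary but not sufficient control for the upload class: the directory that receives uploads should also be configured so the web server never executes scripts from it, and the stored name should be generated server-side rather than taken from the client.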