| ID | CVE-2025-10009 | ||||||
| Sažetak | Incorrect handling of uploaded files in the admin "Restore" function in Invoice Ninja <= 5.11.72 allows attackers with admin credentials to execute arbitrary code on the server via uploaded .php files. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | None | ||||||
| Zadnje važnije ažuriranje | 22-09-2025 - 21:22 | ||||||
| Objavljeno | 22-09-2025 - 10:15 |
