CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-67084

File upload vulnerability in InvoicePlane through 1.6.3 allows authenticated attackers to upload arbitrary PHP files into attachments, which can later be executed remotely, leading to Remote Code Execution (RCE).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.3%

CVSS Severity

CVSS v3 Score 9.9

References

Products affected by CVE-2025-67084

Invoiceplane » Invoiceplane » Version: 0.9

cpe:2.3:a:invoiceplane:invoiceplane:0.9
Invoiceplane » Invoiceplane » Version: 1.0.0

cpe:2.3:a:invoiceplane:invoiceplane:1.0.0
Invoiceplane » Invoiceplane » Version: 1.0.1

cpe:2.3:a:invoiceplane:invoiceplane:1.0.1
Invoiceplane » Invoiceplane » Version: 1.0.2

cpe:2.3:a:invoiceplane:invoiceplane:1.0.2
Invoiceplane » Invoiceplane » Version: 1.1.0

cpe:2.3:a:invoiceplane:invoiceplane:1.1.0
Invoiceplane » Invoiceplane » Version: 1.1.1

cpe:2.3:a:invoiceplane:invoiceplane:1.1.1
Invoiceplane » Invoiceplane » Version: 1.1.2

cpe:2.3:a:invoiceplane:invoiceplane:1.1.2
Invoiceplane » Invoiceplane » Version: 1.2.0

cpe:2.3:a:invoiceplane:invoiceplane:1.2.0
Invoiceplane » Invoiceplane » Version: 1.2.1

cpe:2.3:a:invoiceplane:invoiceplane:1.2.1
Invoiceplane » Invoiceplane » Version: 1.3.0

cpe:2.3:a:invoiceplane:invoiceplane:1.3.0
Invoiceplane » Invoiceplane » Version: 1.3.1

cpe:2.3:a:invoiceplane:invoiceplane:1.3.1
Invoiceplane » Invoiceplane » Version: 1.3.2

cpe:2.3:a:invoiceplane:invoiceplane:1.3.2
Invoiceplane » Invoiceplane » Version: 1.3.3

cpe:2.3:a:invoiceplane:invoiceplane:1.3.3
Invoiceplane » Invoiceplane » Version: 1.4.0

cpe:2.3:a:invoiceplane:invoiceplane:1.4.0
Invoiceplane » Invoiceplane » Version: 1.4.1

cpe:2.3:a:invoiceplane:invoiceplane:1.4.1
Invoiceplane » Invoiceplane » Version: 1.4.10

cpe:2.3:a:invoiceplane:invoiceplane:1.4.10
Invoiceplane » Invoiceplane » Version: 1.4.2

cpe:2.3:a:invoiceplane:invoiceplane:1.4.2
Invoiceplane » Invoiceplane » Version: 1.4.3

cpe:2.3:a:invoiceplane:invoiceplane:1.4.3
Invoiceplane » Invoiceplane » Version: 1.4.4

cpe:2.3:a:invoiceplane:invoiceplane:1.4.4
Invoiceplane » Invoiceplane » Version: 1.4.5

cpe:2.3:a:invoiceplane:invoiceplane:1.4.5
Invoiceplane » Invoiceplane » Version: 1.4.6

cpe:2.3:a:invoiceplane:invoiceplane:1.4.6
Invoiceplane » Invoiceplane » Version: 1.4.7

cpe:2.3:a:invoiceplane:invoiceplane:1.4.7
Invoiceplane » Invoiceplane » Version: 1.4.8

cpe:2.3:a:invoiceplane:invoiceplane:1.4.8
Invoiceplane » Invoiceplane » Version: 1.4.9

cpe:2.3:a:invoiceplane:invoiceplane:1.4.9
Invoiceplane » Invoiceplane » Version: 1.5.0

cpe:2.3:a:invoiceplane:invoiceplane:1.5.0
Invoiceplane » Invoiceplane » Version: 1.5.1

cpe:2.3:a:invoiceplane:invoiceplane:1.5.1
Invoiceplane » Invoiceplane » Version: 1.5.10

cpe:2.3:a:invoiceplane:invoiceplane:1.5.10
Invoiceplane » Invoiceplane » Version: 1.5.11

cpe:2.3:a:invoiceplane:invoiceplane:1.5.11
Invoiceplane » Invoiceplane » Version: 1.5.2

cpe:2.3:a:invoiceplane:invoiceplane:1.5.2
Invoiceplane » Invoiceplane » Version: 1.5.3

cpe:2.3:a:invoiceplane:invoiceplane:1.5.3
Invoiceplane » Invoiceplane » Version: 1.5.4

cpe:2.3:a:invoiceplane:invoiceplane:1.5.4
Invoiceplane » Invoiceplane » Version: 1.5.5

cpe:2.3:a:invoiceplane:invoiceplane:1.5.5
Invoiceplane » Invoiceplane » Version: 1.5.6

cpe:2.3:a:invoiceplane:invoiceplane:1.5.6
Invoiceplane » Invoiceplane » Version: 1.5.7

cpe:2.3:a:invoiceplane:invoiceplane:1.5.7
Invoiceplane » Invoiceplane » Version: 1.5.8

cpe:2.3:a:invoiceplane:invoiceplane:1.5.8
Invoiceplane » Invoiceplane » Version: 1.5.9

cpe:2.3:a:invoiceplane:invoiceplane:1.5.9
Invoiceplane » Invoiceplane » Version: 1.6.0

cpe:2.3:a:invoiceplane:invoiceplane:1.6.0
Invoiceplane » Invoiceplane » Version: 1.6.1

cpe:2.3:a:invoiceplane:invoiceplane:1.6.1
Invoiceplane » Invoiceplane » Version: 1.6.2

cpe:2.3:a:invoiceplane:invoiceplane:1.6.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-67084

Products

Pricing

Contact Us