Known Vulnerabilities for products from Invoiceninja
Listed below are 6 of the newest known vulnerabilities associated with the vendor "Invoiceninja".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33742 | Invoice Ninja is a source-available invoice, quote, project and time-tracking app built with Laravel. Product notes fields in... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33628 | Invoice Ninja is a source-available invoice, quote, project and time-tracking app built with Laravel. Invoice line item descr... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-29925 | Invoice Ninja v5.12.46 and v5.12.48 is vulnerable to Server-Side Request Forgery (SSRF) in CheckDatabaseRequest.php. | Not Provided | 2026-03-30 | 2026-04-02 |
| CVE-2021-33898 | In Invoice Ninja before 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories/AccountRepository.php that ... | 8.1 - HIGH | 2021-06-06 | 2021-06-15 |
| CVE-2021-3977 | invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 5.4 - MEDIUM | 2021-12-24 | 2021-12-30 |
| CVE-2017-1000466 | Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, whi... | 5.4 - MEDIUM | 2018-01-03 | 2018-01-16 |
Known software with vulnerabilities from Invoiceninja
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Invoiceninja | Invoice Ninja | 1.0.2 |