InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A critical Remote Code Execution (RCE)…
GitHub_M·CWE-94·Published 2026-02-18
InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A critical Remote Code Execution (RCE) vulnerability exists in InvoicePlane 1.7.0 through a chained Local File Inclusion (LFI) and Log Poisoning attack. An authenticated administrator can execute arbitrary system commands on the server by manipulating the `public_invoice_template` setting to include poisoned log files containing PHP code. Version 1.7.1 patches the issue.
InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A critical Remote Code Execution (RCE) vulnerability exists in InvoicePlane 1.7.0 through a chained Local File Inclusion (LFI) and Log Poisoning attack. An authenticated administrator can execute arbitrary system commands on the server by manipulating the `public_invoice_template` setting to include poisoned log files containing PHP code. Version 1.7.1 patches the issue.
InvoicePlane es una aplicación de código abierto autoalojada para gestionar facturas, clientes y pagos. Una vulnerabilidad crítica de ejecución remota de código (RCE) existe en InvoicePlane 1.7.0 a través de un ataque encadenado de inclusión local de ficheros (LFI) y envenenamiento de logs. Un administrador autenticado puede ejecutar comandos de sistema arbitrarios en el servidor manipulando la configuración 'public_invoice_template' para incluir ficheros de log envenenados que contienen código PHP. La versión 1.7.1 corrige el problema.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | cve.org | 9.1 | — | — | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 9.1 | — | — | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
| 3.1 | Secondary | NVD | 9.1 | 2.3 | 6.0 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |