InvoicePlane SQL Injection Vulnerability Allowing Data Extraction

Vulnerability

A SQL injection vulnerability has been identified in InvoicePlane versions through 1.6.3. The issue arises in the reporting functionality, specifically within the 'maxQuantity' and 'minQuantity' parameters. An authenticated attacker can exploit this vulnerability through error-based SQL injection, allowing for the extraction of arbitrary data from the database. The root cause of the vulnerability is insufficient sanitization of single quotes in the SQL query construction.

Impact

Exploitation of this vulnerability allows for error-based SQL injection, enabling authenticated attackers to manipulate SQL queries and extract sensitive data from the database.

Reproduction

To reproduce this vulnerability, an authenticated user sends a request to the reporting feature with crafted 'maxQuantity' and 'minQuantity' parameters. Because these values are embedded in the SQL query without sanitizing single quotes, the injected input alters the query, and the database error messages returned by the application disclose data.

Remediation

Users can upgrade to InvoicePlane version 1.6.4 to address this vulnerability.
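The following is an added illustration of the defect class described above and of the fix pattern an upgrade applies; it is not InvoicePlane's own code (the project is written in PHP) and reproduces none of its schema. The table name invoice_items, the columns, the sample rows and the function names are all constructed assumptions. It contrasts a query built by string concatenation of the quantity filters, which turns a single quote in the input into a database error, with a version that validates the filters as numbers, binds them as parameters, and never forwards the database's error text to the client.

```python
import sqlite3


def make_db():
    """Constructed in-memory stand-in for a reporting table (not InvoicePlane's schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE invoice_items (id INTEGER PRIMARY KEY, name TEXT, quantity REAL)"
    )
    conn.executemany(
        "INSERT INTO invoice_items (name, quantity) VALUES (?, ?)",
        [("widget", 2.0), ("gadget", 5.0), ("gizmo", 12.0)],
    )
    return conn


def report_vulnerable(conn, min_qty, max_qty):
    # Hypothetical insecure pattern: request parameters concatenated into the
    # SQL text. A single quote in either value breaks the string literal and
    # the database raises an error instead of returning rows.
    sql = (
        "SELECT name, quantity FROM invoice_items WHERE quantity >= '"
        + min_qty
        + "' AND quantity <= '"
        + max_qty
        + "'"
    )
    return conn.execute(sql).fetchall()


def report_hardened(conn, min_qty, max_qty):
    # 1. Validate: quantity filters must be numbers in a sane range.
    try:
        lo, hi = float(min_qty), float(max_qty)
    except (TypeError, ValueError):
        raise ValueError("quantity filters must be numeric")
    if lo < 0 or hi < lo:
        raise ValueError("quantity range is invalid")
    # 2. Bind: the driver passes the values to the engine as data, so they are
    #    never parsed as part of the SQL statement.
    return conn.execute(
        "SELECT name, quantity FROM invoice_items "
        "WHERE quantity >= ? AND quantity <= ?",
        (lo, hi),
    ).fetchall()


def handle_request(conn, fn, min_qty, max_qty):
    """Simulated controller layer returning (status, payload) to the client.

    For the hardened path the database error text is logged server-side
    (here: returned under a separate key) and a generic message goes to the
    client, closing the error-based disclosure channel.
    """
    try:
        return ("ok", fn(conn, min_qty, max_qty))
    except ValueError as exc:
        return ("rejected", str(exc))
    except sqlite3.Error as exc:
        # The vulnerable variant echoes the engine message; the hardened
        # variant should never reach here for malformed input at all.
        return ("sql_error", str(exc))


if __name__ == "__main__":
    db = make_db()
    print(handle_request(db, report_vulnerable, "2", "5"))
    print(handle_request(db, report_vulnerable, "1", "1'"))  # engine error leaks
    print(handle_request(db, report_hardened, "1", "1'"))    # rejected before SQL
    print(handle_request(db, report_hardened, "2", "5"))
```

The check worth keeping from this is the first one: a non-numeric quantity filter is rejected before any SQL is built, so the database never sees attacker-controlled syntax and has no error to report.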

Added: Jan 15, 2026, 3:22 PM
Updated: Jan 15, 2026, 4:49 PM

Vulnerability Rating (Custom Algorithm)

spread           3.1
impact           3.1
exploitability   6.3
remediation      7.7
relevance        2.1
threat           4.8
urgency          2.9
incentive        0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.