Vulnerabilities > Invoiceplane > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-17 | CVE-2021-29024 | Files or Directories Accessible to External Parties vulnerability in Invoiceplane 1.5.11 In InvoicePlane 1.5.11 a misconfigured web server allows unauthenticated directory listing and file download. | 7.5 |
| 2017-11-17 | CVE-2017-1000238 | Unrestricted Upload of File with Dangerous Type vulnerability in Invoiceplane 1.4.10 InvoicePlane version 1.4.10 is vulnerable to a Arbitrary File Upload resulting in an authenticated user can upload a malicious file to the webserver. | 8.8 |