CVE-2025-67084
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| invoiceplane | invoiceplane | to 1.6.4 (exc) |
| invoiceplane | invoiceplane | From 1.6.4 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-616 | The PHP application uses an old method for processing uploaded files by referencing the four global variables that are set for each file (e.g. $varname, $varname_size, $varname_name, $varname_type). These variables could be overwritten by attackers, causing the application to process unauthorized files. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a file upload flaw in InvoicePlane version 1.6.3 that allows authenticated attackers to upload arbitrary PHP files as attachments. These uploaded PHP files can then be executed remotely, resulting in Remote Code Execution (RCE) on the server.
How can this vulnerability impact me? :
The vulnerability can allow an attacker with authentication to execute arbitrary code on the server hosting InvoicePlane by uploading and running malicious PHP files. This can lead to unauthorized control over the server, data compromise, and potentially further attacks within the network.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately upgrade InvoicePlane to a version later than 1.6.3 where the file upload vulnerability is fixed. Additionally, restrict authenticated user permissions to prevent arbitrary file uploads and monitor uploaded attachments for suspicious PHP files. [1]