Full title: InvoicePlane 1.4.10 File Upload / Cross Site Scripting Vulnerabilities 
Category: web applications
Platform: php
InvoicePlane version 1.4.10 suffers from cross site scripting and remote file upload vulnerabilities.

# 0day.today @ http://0day.today/