7 matches found
Akaunting 3.1.3 Remote Command Execution
Exploit Title: Akaunting 3.1.3 - RCE Date: 08/02/2024 Exploit Author: [email protected] Vendor Homepage: https://akaunting.com Software Link: https://github.com/akaunting/akaunting Version: = 3.1.3 Tested on: Ubuntu 22.04 CVE : CVE-2024-22836 !/usr/bin/python3 import sys import re import requests...
Akaunting < 3.1.3 - Remote Code Execution Exploit
Exploit Title: Akaunting 3.1.3 - RCE Exploit Author: email protected Vendor Homepage: https://akaunting.com Software Link: https://github.com/akaunting/akaunting Version: = 3.1.3 Tested on: Ubuntu 22.04 CVE : CVE-2024-22836 !/usr/bin/python3 import sys import re import requests import argparse de...
Akaunting < 3.1.3 - RCE
Exploit Title: Akaunting 3.1.3 - RCE Date: 08/02/2024 Exploit Author: [email protected] Vendor Homepage: https://akaunting.com Software Link: https://github.com/akaunting/akaunting Version: = 3.1.3 Tested on: Ubuntu 22.04 CVE : CVE-2024-22836 !/usr/bin/python3 import sys import re import requests...
CVE-2024-22836
creationtimestamp| type| source ---|---|--- 2024-02-08 21:31:55+00:00| seen| https://t.me/ctinow/181640 2024-02-11 15:01:48+00:00| seen| https://t.me/arpsyndicate/3415 2024-03-02 14:46:48+00:00| seen| https://t.me/ctinow/198379 2025-06-20 20:44:16+00:00| published-proof-of-concept|...
CVE-2024-22836
An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can manipulate the company locale when installing an app to execute system commands on the hosting server...
CVE-2024-22836
CVE-2024-22836 describes an OS command injection in Akaunting ≤ 3.1.3 where an attacker can manipulate the company locale during app installation to execute system commands on the hosting server. Public exploits and PoCs exist (e.g., PacketStorm/Exploit-DB entries) demonstrating remote code execu...
CVE-2024-22836
An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can manipulate the company locale when installing an app to execute system commands on the hosting server...