128 matches found
CVE-2014-125080 frontaccounting faplanet path traversal
A vulnerability has been found in frontaccounting faplanet and classified as critical. This vulnerability affects unknown code. The manipulation leads to path traversal. The patch is identified as a5dcd87f46080a624b1a9ad4b0dd035bbd24ac50. It is recommended to apply a patch to fix this issue...
CVE-2014-125080
CVE-2014-125080 affects frontaccounting faplanet and is described as a path traversal vulnerability. The initial and connected documents consistently name unknown code as the vulnerable component and indicate exploitation could lead to unauthorized access to files via path traversal. A patch is i...
PT-2023-10150 · Unknown · Frontaccounting
Name of the Vulnerable Software and Affected Versions: frontaccounting faplanet affected versions not specified Description: A critical vulnerability has been found in frontaccounting faplanet, affecting unknown code and leading to path traversal. Recommendations: At the moment, there is no...
frontaccounting 路径遍历漏洞
frontaccounting is a web-based accounting system for enterprise ERP supply chains by Frontaccounting Team. A path traversal vulnerability exists in frontaccounting faplanet, which stems from an unknown issue in the code that results in path traversal...
CVE-2020-21244
An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admin/instlang.php...
CVE-2020-21244
An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admin/instlang.php...
Directory traversal
An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admin/instlang.php...
CVE-2020-21244
An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admin/instlang.php...
CVE-2020-21244
An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admin/instlang.php...
CVE-2020-21244
CVE-2020-21244 affects FrontAccounting 2.4.7. The issue is a Directory Traversal vulnerability exploitable via admin/inst_lang.php, enabling an attacker to empty a folder. The connected documents confirm the vulnerability exists but do not provide exploitation details, affected versions beyond 2....
FrontAccounting SQL Injection Vulnerability
FrontAccounting FA is FrontAccounting's suite of financial software for the ERP supply chain of small and medium-sized businesses. The software includes modules for Purchase Orders, Merchandise Tickets, and Account Sorting and Budgeting. A SQL injection vulnerability exists in the...
Sql injection
includes/db/class.reflinesdb.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the voidtransaction.php filterType parameter...
CVE-2019-5720
includes/db/class.reflinesdb.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the voidtransaction.php filterType parameter...
CVE-2019-5720
includes/db/class.reflinesdb.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the voidtransaction.php filterType parameter...
CVE-2019-5720
includes/db/class.reflinesdb.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the voidtransaction.php filterType parameter...
CVE-2019-5720
includes/db/class.reflinesdb.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the voidtransaction.php filterType parameter...
CVE-2019-5720
CVE-2019-5720 affects FrontAccounting 2.4.6. The vulnerability is a SQL Injection in includes/db/class.reflines_db.inc, exploitable via the reference field using the void_transaction.php?filterType parameter, potentially allowing an attacker to extract the entire database. Connected sources (RH, ...
Debian DLA-1622-1 : debian-security-support security update
debian-security-support, the Debian security support coverage checker, has been updated in jessie. The jessie relevant changes are : - Mark jasperreports as end-of-life in Jessie. - Mark webkit2gtk as unsupported in all releases. Closes: 914567 - Mark jruby in jessie as end-of-life as per...
CVE-2018-1000890
FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application...
CVE-2018-1000890
FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application...