Lucene search
K

128 matches found

Cvelist
Cvelist
added 2023/01/16 5:58 p.m.25 views

CVE-2014-125080 frontaccounting faplanet path traversal

A vulnerability has been found in frontaccounting faplanet and classified as critical. This vulnerability affects unknown code. The manipulation leads to path traversal. The patch is identified as a5dcd87f46080a624b1a9ad4b0dd035bbd24ac50. It is recommended to apply a patch to fix this issue...

5.5CVSS9.6AI score0.00872EPSS
Exploits0References3
CVE
CVE
added 2023/01/16 5:58 p.m.46 views

CVE-2014-125080

CVE-2014-125080 affects frontaccounting faplanet and is described as a path traversal vulnerability. The initial and connected documents consistently name unknown code as the vulnerable component and indicate exploitation could lead to unauthorized access to files via path traversal. A patch is i...

9.8CVSS7.5AI score0.00872EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/16 12:0 a.m.5 views

PT-2023-10150 · Unknown · Frontaccounting

Name of the Vulnerable Software and Affected Versions: frontaccounting faplanet affected versions not specified Description: A critical vulnerability has been found in frontaccounting faplanet, affecting unknown code and leading to path traversal. Recommendations: At the moment, there is no...

9.8CVSS7.1AI score0.00872EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/01/16 12:0 a.m.4 views

frontaccounting 路径遍历漏洞

frontaccounting is a web-based accounting system for enterprise ERP supply chains by Frontaccounting Team. A path traversal vulnerability exists in frontaccounting faplanet, which stems from an unknown issue in the code that results in path traversal...

9.8CVSS6.4AI score0.00872EPSS
Exploits0References4
NVD
NVD
added 2020/09/30 6:15 p.m.17 views

CVE-2020-21244

An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admin/instlang.php...

5.5CVSS0.01013EPSS
Exploits1References1
OSV
OSV
added 2020/09/30 6:15 p.m.3 views

CVE-2020-21244

An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admin/instlang.php...

4.9CVSS5.8AI score0.01013EPSS
Exploits1References1
Prion
Prion
added 2020/09/30 6:15 p.m.13 views

Directory traversal

An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admin/instlang.php...

5.5CVSS5.1AI score0.01013EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2020/09/30 6:15 p.m.37 views

CVE-2020-21244

An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admin/instlang.php...

5.5CVSS5.9AI score0.01013EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/09/30 2:6 p.m.22 views

CVE-2020-21244

An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admin/instlang.php...

5.1AI score0.01013EPSS
Exploits1References1
CVE
CVE
added 2020/09/30 2:6 p.m.42 views

CVE-2020-21244

CVE-2020-21244 affects FrontAccounting 2.4.7. The issue is a Directory Traversal vulnerability exploitable via admin/inst_lang.php, enabling an attacker to empty a folder. The connected documents confirm the vulnerability exists but do not provide exploitation details, affected versions beyond 2....

5.5CVSS5.1AI score0.01013EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2019/01/11 12:0 a.m.2 views

FrontAccounting SQL Injection Vulnerability

FrontAccounting FA is FrontAccounting's suite of financial software for the ERP supply chain of small and medium-sized businesses. The software includes modules for Purchase Orders, Merchandise Tickets, and Account Sorting and Budgeting. A SQL injection vulnerability exists in the...

9.8CVSS8.3AI score0.01537EPSS
Exploits1References1
Prion
Prion
added 2019/01/08 10:29 a.m.12 views

Sql injection

includes/db/class.reflinesdb.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the voidtransaction.php filterType parameter...

7.5CVSS9.7AI score0.01537EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2019/01/08 10:29 a.m.27 views

CVE-2019-5720

includes/db/class.reflinesdb.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the voidtransaction.php filterType parameter...

9.8CVSS7.2AI score0.01537EPSS
Exploits1References2
OSV
OSV
added 2019/01/08 10:29 a.m.3 views

CVE-2019-5720

includes/db/class.reflinesdb.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the voidtransaction.php filterType parameter...

9.8CVSS7.4AI score0.01537EPSS
Exploits1References1
NVD
NVD
added 2019/01/08 10:29 a.m.19 views

CVE-2019-5720

includes/db/class.reflinesdb.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the voidtransaction.php filterType parameter...

9.8CVSS9.8AI score0.01537EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/01/08 10:0 a.m.18 views

CVE-2019-5720

includes/db/class.reflinesdb.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the voidtransaction.php filterType parameter...

9.7AI score0.01537EPSS
Exploits1References1
CVE
CVE
added 2019/01/08 10:0 a.m.40 views

CVE-2019-5720

CVE-2019-5720 affects FrontAccounting 2.4.6. The vulnerability is a SQL Injection in includes/db/class.reflines_db.inc, exploitable via the reference field using the void_transaction.php?filterType parameter, potentially allowing an attacker to extract the entire database. Connected sources (RH, ...

9.8CVSS9.6AI score0.01537EPSS
Exploits1References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/12/31 12:0 a.m.14 views

Debian DLA-1622-1 : debian-security-support security update

debian-security-support, the Debian security support coverage checker, has been updated in jessie. The jessie relevant changes are : - Mark jasperreports as end-of-life in Jessie. - Mark webkit2gtk as unsupported in all releases. Closes: 914567 - Mark jruby in jessie as end-of-life as per...

5.4AI score
Exploits0References2
NVD
NVD
added 2018/12/28 4:29 p.m.18 views

CVE-2018-1000890

FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application...

7.5CVSS7.9AI score0.01779EPSS
Exploits1References2
OSV
OSV
added 2018/12/28 4:29 p.m.4 views

CVE-2018-1000890

FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application...

7.5CVSS5.8AI score0.01779EPSS
Exploits1References2
Rows per page
Query Builder