PT-2025-45400

Name of the Vulnerable Software and Affected Versions Manager-io/Manager versions 25.11.1.3085 and below Description Manager-io/Manager accounting software contains a critical flaw in its DNS validation mechanism. This flaw results in a Time-of-Check Time-of-Use TOCTOU condition, allowing attacke...

EUVD-2020-20466

Malware in sbrugna...

EUVD-2025-22151

Malicious code in bioql PyPI...

CVE-2025-54122 Manager-io/Manager allows unauthenticated full read server-side request forgery in "proxy" endpoint

Manager-io/Manager is accounting software. A critical unauthenticated full read Server-Side Request Forgery SSRF vulnerability has been identified in the proxy handler component of both manager Desktop and Server edition versions up to and including 25.7.18.2519. This vulnerability allows an...

CVE-2025-54122

The CVE-2025-54122 entry concerns Manager-io/Manager accounting software with an unauthenticated SSRF in the proxy handler used by both Desktop and Server editions. Affected versions go up to 25.7.18.2519; the vulnerability allows bypassing network isolation and reaching internal services or clou...

PT-2025-30343 · Manager Io · Imanager

Name of the Vulnerable Software and Affected Versions: Manager-io/Manager versions up to and including 25.7.18.2519 Description: Manager-io/Manager is accounting software with a critical unauthenticated Server-Side Request Forgery SSRF vulnerability identified in the proxy handler component. This...

CVE-2020-27974

NeoPost Mail Accounting Software Pro 5.0.6 allows php/Commun/FUSSCMBlockStart.php?code= XSS...

PT-2025-13658 · Woocommerce · Accounting For Woocommerce

Name of the Vulnerable Software and Affected Versions: Accounting for WooCommerce versions 1.6.8 and earlier Description: The issue is related to Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'. This allows PHP Local File...

realestateaccountingsoftware.ca Improper Access Control vulnerability OBB-3790695

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Neetai Tech SQL Injection Vulnerability

Neetai Tech is a web development, GST software and accounting software from Neetai India.Neetai Tech is vulnerable to SQL injection, which can be exploited by attackers to cause sql injection issues via manipulation of the /product.php file...

Akaunting Cross-Site Scripting Vulnerability (CNVD-2021-94938)

Akaunting is a free, open source online accounting software designed for small businesses and freelancers. akaunting 2.1.12 and earlier versions contain a persistent cross-site scripting vulnerability when processing user-supplied avatar images. An attacker could exploit the vulnerability to inse...

Akaunting authentication bypass vulnerability

Akaunting is a free, open source online accounting software designed for small businesses and freelancers.An authentication bypass vulnerability exists in the user-controllable field companies0 in Akaunting 2.1.12 and earlier versions. No detailed vulnerability details are currently available...

Akaunting 安全漏洞

Akaunting is a free, open source online accounting software designed for small businesses and freelancers.An authentication bypass vulnerability exists in the user-controllable field companies0 in Akaunting 2.1.12 and earlier versions. No detailed vulnerability details are currently available...

CVE-2020-27974

NeoPost Mail Accounting Software Pro 5.0.6 allows php/Commun/FUSSCMBlockStart.php?code= XSS...

Cross site scripting

NeoPost Mail Accounting Software Pro 5.0.6 allows php/Commun/FUSSCMBlockStart.php?code= XSS...

CVE-2020-27974

NeoPost Mail Accounting Software Pro 5.0.6 allows php/Commun/FUSSCMBlockStart.php?code= XSS...

CVE-2020-27974

CVE-2020-27974 affects NeoPost Mail Accounting Software Pro 5.0.6 and is described as a Cross-Site Scripting (XSS) vulnerability in php/Commun/FUS_SCM_BlockStart.php?code=. The connected sources consistently report an XSS condition without additional exploit details; no specific affected versions...

Xero Accounting Software - Exported components, External URLs, KeyStore usage vulnerabilities

HackApp vulnerability scanner discovered that application Xero Accounting Software published at the 'play' market has multiple vulnerabilities...

JVN#02671769: phpRechnung vulnerable to SQL injection

phpRechnung is a web-based accounting software. list.php of phpRechnung contains an SQL injection CWE-89 vulnerability. Impact An authenticated attacker may obtain or alter information stored in the database. Solution Update the Software Update to the latest version according to the information...

Intuit QuickBooks Installed

QuickBooks, accounting software for small businesses, is installed on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58847; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/10"; scriptnameenglish:"Intuit...