128 matches found
CVE-2020-22390
Akaunting = 2.0.9 is vulnerable to CSV injection in the Item name field, export function. Attackers can inject arbitrary code into the name parameter and perform code execution when the crafted file is opened...
CVE-2020-22390
Akaunting = 2.0.9 is vulnerable to CSV injection in the Item name field, export function. Attackers can inject arbitrary code into the name parameter and perform code execution when the crafted file is opened...
Input validation
Akaunting = 2.0.9 is vulnerable to CSV injection in the Item name field, export function. Attackers can inject arbitrary code into the name parameter and perform code execution when the crafted file is opened...
CVE-2020-22390
Akaunting = 2.0.9 is vulnerable to CSV injection in the Item name field, export function. Attackers can inject arbitrary code into the name parameter and perform code execution when the crafted file is opened...
CVE-2020-22390
CVE-2020-22390 affects Akaunting,
Akaunting 安全漏洞
Akaunting is a free, open source online accounting software designed for small businesses and freelancers. A CSV injection vulnerability exists in the project name field of the export function in Akaunting. An attacker can exploit this vulnerability to inject arbitrary code into the name paramete...
PT-2021-10759 · Akaunting · Akaunting
Name of the Vulnerable Software and Affected Versions: Akaunting versions 2.0.9 and earlier Description: The issue concerns a CSV injection vulnerability in the Item name field of the export function. Attackers can inject arbitrary code into the name parameter, potentially leading to code executi...
Akaunting 1.3.17 Cross Site Scripting
Title: Stored XSS In akaunting compnay name alt Affected Version: 1.0.0 - 1.3.17 Tested on: Chrome, Firefox, Opera Latest version Author: Rudra Sarkar @rudr4sarkar 1. Affected "alt" attribute 2. Create account, Confirm Email Verification 3. Create Company name with "alertdocument.domain; 4. It wi...