2 matches found
CVE-2018-1000890
FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application...
CVE-2018-1000890
CVE-2018-1000890 affects FrontAccounting 2.4.5 with a Time Based Blind SQL Injection in the /attachments.php endpoint via the filterType parameter. The vulnerability could allow an attacker to retrieve data from the application's database. Public sources in the connected data confirm the issue an...