2 matches found
CVE-2019-5720
includes/db/class.reflinesdb.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the voidtransaction.php filterType parameter...
CVE-2019-5720
CVE-2019-5720 affects FrontAccounting 2.4.6. The vulnerability is a SQL Injection in includes/db/class.reflines_db.inc, exploitable via the reference field using the void_transaction.php?filterType parameter, potentially allowing an attacker to extract the entire database. Connected sources (RH, ...