Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-23377

Malware in sbrugna...

9.1CVSS8.3AI score0.00322EPSS
Exploits1References2
NVD
NVDadded 2021/08/04 11:15 p.m.13 views

CVE-2021-36800

Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application. A POST sent to /companyid/sales/invoices/invoiceid with an items0price that includes a PHP callable function is executed directly. This issue was fixed in version 2.1.13 of the...

9.1CVSS0.00322EPSS
Exploits1References1
OSV
OSVadded 2021/08/04 11:15 p.m.15 views

CVE-2021-36800

Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application. A POST sent to /companyid/sales/invoices/invoiceid with an items0price that includes a PHP callable function is executed directly. This issue was fixed in version 2.1.13 of the...

9.1CVSS7.5AI score
Exploits0References1
Prion
Prionadded 2021/08/04 11:15 p.m.16 views

Code injection

Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application. A POST sent to /companyid/sales/invoices/invoiceid with an items0price that includes a PHP callable function is executed directly. This issue was fixed in version 2.1.13 of the...

9CVSS9.2AI score0.00322EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2021/08/04 10:20 p.m.73 views

CVE-2021-36800

CVE-2021-36800 affects Akaunting v2.1.12 and earlier. A code-injection flaw in Money.php allows a crafted POST to /{company_id}/sales/invoices/{invoice_id} with items[0][price] containing a PHP callable to be executed on the server. Root cause: lack of input sanitization in Money.php, with parseA...

9.1CVSS8.8AI score0.00322EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2021/08/04 10:20 p.m.12 views

CVE-2021-36800 Akaunting OS Command Injection in 'Money.php'

Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application. A POST sent to /companyid/sales/invoices/invoiceid with an items0price that includes a PHP callable function is executed directly. This issue was fixed in version 2.1.13 of the...

8.7CVSS9.5AI score0.00322EPSS
Exploits1References1
CNNVD
CNNVDadded 2021/08/04 12:0 a.m.1 views

Akaunting 代码注入漏洞

Akaunting is an application from Akaunting that provides all the tools needed to manage money online. A code injection vulnerability exists in Akaunting version 2.1.12 and earlier, which stems from the inclusion of a PHP callable function for items0price in the Money.php component of the...

9.1CVSS7.8AI score0.00322EPSS
Exploits1References2
CNVD
CNVDadded 2017/11/17 12:0 a.m.1 views

SQL injection vulnerability in SaxueArticle article management system money.php page

SaxueArticle article management system is a php+MySQL for the development of php article management system. A SQL injection vulnerability exists in the money.php page of the SaxueArticle article management system. The vulnerability stems from the program's failure to adequately filter...

7.9AI score
Exploits0
Rows per page
Query Builder