3 matches found
EUVD-2021-23379
Malware in sbrugna...
CVE-2021-36803
Akaunting version 2.1.12 and earlier suffers from a persistent type II cross-site scripting XSS vulnerability in processing user-supplied avatar images. This issue was fixed in version 2.1.13 of the product...
CVE-2021-36800 Akaunting OS Command Injection in 'Money.php'
Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application. A POST sent to /companyid/sales/invoices/invoiceid with an items0price that includes a PHP callable function is executed directly. This issue was fixed in version 2.1.13 of the...