frontaccounting 路径遍历漏洞

frontaccounting is a web-based accounting system for enterprise ERP supply chains by Frontaccounting Team. A path traversal vulnerability exists in frontaccounting faplanet, which stems from an unknown issue in the code that results in path traversal...

JVN#02671769: phpRechnung vulnerable to SQL injection

phpRechnung is a web-based accounting software. list.php of phpRechnung contains an SQL injection CWE-89 vulnerability. Impact An authenticated attacker may obtain or alter information stored in the database. Solution Update the Software Update to the latest version according to the information...

FrontAccounting 'attachments.php'任意文件上传漏洞

Bugtraq ID:66217 FrontAccounting FA是一个针对企业ERP供应链的网页会计系统。 FrontAccounting /admin/attachments.php脚本存在安全漏洞，允许攻击者上传使用恶意扩展名的文件，并以WEB权限执行。 0 FrontAccounting 2.x FrontAccounting 2.3.20已经修复该漏洞，建议用户下载更新： http://frontaccounting.com...

NolaPro Enterprise 4.0.5538 Cross Site Scripting / SQL Injection

Advisory : CORELAN-10-035 Disclosure date : May 1st, 2010 http://www.corelan.be:8800/advisories.php?id=CORELAN-10-035 00 : Vulnerability information Product : NolaPro Enterprise Version : 4.0.5538 Vendor : Noguska LLC URL : http://www.nolapro.com Platform : Windows PHP/MySQL Type of vulnerabiliti...