Frontaccounting » Frontaccounting » 2.1.0 rc : Security Vulnerabilities, CVEs,

cpe:2.3:a:frontaccounting:frontaccounting:2.1.0:rc:*:*:*:*:*:*

CVE-2014-3973

Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.13%
Published
2014-06-05
Updated
2014-06-06

CVE-2009-4045

Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.1.7 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to various .inc and .php files in (1) reporting/, (2) sales/, (3) sales/includes/, (4) sales/includes/db/, (5) sales/inquiry/, (6) sales/manage/, (7) sales/view/, (8) taxes/, and (9) taxes/db/.
Max CVSS
7.5
EPSS Score
0.13%
Published
2009-11-20
Updated
2009-11-23

CVE-2009-4037

Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.1.7, and 2.2.x before 2.2 RC, allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) admin/db/users_db.inc, and various other .inc and .php files under (2) admin/, (3) dimensions/, (4) gl/, (5) inventory/, (6) manufacturing/, and (7) purchasing/.
Max CVSS
7.5
EPSS Score
0.42%
Published
2009-11-20
Updated
2009-11-23
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close