Описание
FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| frontaccounting | removed | package |
EPSS
Процентиль: 69%
0.00604
Низкий
Связанные уязвимости
CVSS3: 7.5
nvd
около 7 лет назад
FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application.
CVSS3: 7.5
github
больше 3 лет назад
FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application.
EPSS
Процентиль: 69%
0.00604
Низкий