CVE-2018-1000890
-
FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1000890
© Lightnetics 2024