FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the malicious user to grab the entire database of the application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
frontaccounting frontaccounting 2.4.5 |