Remote File Inclusion Vulnerability in FrontAccounting by FrontAccounting
CVE-2007-5148

Currently unrated

Key Information:

Vendor: Frontaccounting
Status: Frontaccounting
Vendor: CVE Published:; 1 October 2007

🔔 Create Frontaccounting Vulnerability Alert

What is CVE-2007-5148?

Multiple remote file inclusion vulnerabilities exist within FrontAccounting version 1.12, which could allow attackers to execute arbitrary PHP code. Specifically, these vulnerabilities arise from the manipulation of the path_to_root parameter, providing potential access to critical PHP scripts such as logout.php, and various admin and reporting functions. This exploitation could lead to unauthorized access and compromise the integrity of the application.

References

http://arfis.wordpress.com/2007/09/14/rfi-02-frontaccount...

x_refsource_MISC

http://osvdb.org/45524

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2007
Vulnerability Reserved
Sep 30, 2007

CVE-2007-5148 Data

JSON