SQL Injection Vulnerabilities in FrontAccounting by FrontAccounting
CVE-2009-4045

Currently unrated

Key Information:

Vendor: Frontaccounting
Status: Frontaccounting
Vendor: CVE Published:; 20 November 2009

🔔 Create Frontaccounting Vulnerability Alert

What is CVE-2009-4045?

FrontAccounting, prior to version 2.1.7, is vulnerable to multiple SQL injection issues that enable remote adversaries to execute arbitrary SQL commands. These vulnerabilities stem from unspecified parameters in various .inc and .php files located across directories such as reporting, sales, and taxes. Attackers leveraging these flaws could potentially manipulate the underlying database, leading to unauthorized data access or modifications.

References

http://secunia.com/advisories/37327

third-party-advisoryx_refsource_SECUNIA

http://sourceforge.net/projects/frontaccounting/files/Fro...

x_refsource_CONFIRM

http://frontaccounting.net/wb3/pages/posts/2.1.7-security...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 20, 2009

CVE-2009-4045 Data

JSON