ByteOS Network

▼CVE Numbering Authority (CNA)

Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.1.7, and 2.2.x before 2.2 RC, allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) admin/db/users_db.inc, and various other .inc and .php files under (2) admin/, (3) dimensions/, (4) gl/, (5) inventory/, (6) manufacturing/, and (7) purchasing/.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://secunia.com/advisories/37327	third-party-advisory x_refsource_SECUNIA
http://sourceforge.net/projects/frontaccounting/files/FrontAccounting-2/2.1.7/frontaccount-2.1.7.tar.gz/download	x_refsource_CONFIRM
http://sourceforge.net/projects/frontaccounting/files/FrontAccounting-2/2.2%20RC/frontaccount-2.2RC.tar.gz/download	x_refsource_CONFIRM
http://frontaccounting.net/wb3/pages/posts/release-2.2-rc104.php	x_refsource_CONFIRM
http://frontaccounting.net/wb3/pages/posts/2.1.7-security-release103.php	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2009/3223	vdb-entry x_refsource_VUPEN

Hyperlink: http://secunia.com/advisories/37327

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://sourceforge.net/projects/frontaccounting/files/FrontAccounting-2/2.1.7/frontaccount-2.1.7.tar.gz/download

Resource:

x_refsource_CONFIRM

Hyperlink: http://sourceforge.net/projects/frontaccounting/files/FrontAccounting-2/2.2%20RC/frontaccount-2.2RC.tar.gz/download

Resource:

x_refsource_CONFIRM

Hyperlink: http://frontaccounting.net/wb3/pages/posts/release-2.2-rc104.php

Resource:

x_refsource_CONFIRM

Hyperlink: http://frontaccounting.net/wb3/pages/posts/2.1.7-security-release103.php

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.vupen.com/english/advisories/2009/3223

Resource:

vdb-entry

x_refsource_VUPEN

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://secunia.com/advisories/37327	third-party-advisory x_refsource_SECUNIA x_transferred
http://sourceforge.net/projects/frontaccounting/files/FrontAccounting-2/2.1.7/frontaccount-2.1.7.tar.gz/download	x_refsource_CONFIRM x_transferred
http://sourceforge.net/projects/frontaccounting/files/FrontAccounting-2/2.2%20RC/frontaccount-2.2RC.tar.gz/download	x_refsource_CONFIRM x_transferred
http://frontaccounting.net/wb3/pages/posts/release-2.2-rc104.php	x_refsource_CONFIRM x_transferred
http://frontaccounting.net/wb3/pages/posts/2.1.7-security-release103.php	x_refsource_CONFIRM x_transferred
http://www.vupen.com/english/advisories/2009/3223	vdb-entry x_refsource_VUPEN x_transferred

Hyperlink: http://secunia.com/advisories/37327

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://sourceforge.net/projects/frontaccounting/files/FrontAccounting-2/2.1.7/frontaccount-2.1.7.tar.gz/download

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://sourceforge.net/projects/frontaccounting/files/FrontAccounting-2/2.2%20RC/frontaccount-2.2RC.tar.gz/download

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://frontaccounting.net/wb3/pages/posts/release-2.2-rc104.php

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://frontaccounting.net/wb3/pages/posts/2.1.7-security-release103.php

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2009/3223

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References