Vulnerability Details CVE-2020-22390
Akaunting <= 2.0.9 is vulnerable to CSV injection in the Item name field, export function. Attackers can inject arbitrary code into the name parameter and perform code execution when the crafted file is opened.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2020-22390
-
cpe:2.3:a:akaunting:akaunting:-
-
cpe:2.3:a:akaunting:akaunting:1.0.0
-
cpe:2.3:a:akaunting:akaunting:1.0.1
-
cpe:2.3:a:akaunting:akaunting:1.0.10
-
cpe:2.3:a:akaunting:akaunting:1.0.11
-
cpe:2.3:a:akaunting:akaunting:1.0.12
-
cpe:2.3:a:akaunting:akaunting:1.0.2
-
cpe:2.3:a:akaunting:akaunting:1.0.3
-
cpe:2.3:a:akaunting:akaunting:1.0.4
-
cpe:2.3:a:akaunting:akaunting:1.0.5
-
cpe:2.3:a:akaunting:akaunting:1.0.6
-
cpe:2.3:a:akaunting:akaunting:1.0.7
-
cpe:2.3:a:akaunting:akaunting:1.0.8
-
cpe:2.3:a:akaunting:akaunting:1.0.9
-
cpe:2.3:a:akaunting:akaunting:1.1.0
-
cpe:2.3:a:akaunting:akaunting:1.1.1
-
cpe:2.3:a:akaunting:akaunting:1.1.10
-
cpe:2.3:a:akaunting:akaunting:1.1.11
-
cpe:2.3:a:akaunting:akaunting:1.1.12
-
cpe:2.3:a:akaunting:akaunting:1.1.13
-
cpe:2.3:a:akaunting:akaunting:1.1.14
-
cpe:2.3:a:akaunting:akaunting:1.1.15
-
cpe:2.3:a:akaunting:akaunting:1.1.2
-
cpe:2.3:a:akaunting:akaunting:1.1.3
-
cpe:2.3:a:akaunting:akaunting:1.1.4
-
cpe:2.3:a:akaunting:akaunting:1.1.5
-
cpe:2.3:a:akaunting:akaunting:1.1.6
-
cpe:2.3:a:akaunting:akaunting:1.1.7
-
cpe:2.3:a:akaunting:akaunting:1.1.8
-
cpe:2.3:a:akaunting:akaunting:1.1.9
-
cpe:2.3:a:akaunting:akaunting:1.2.0
-
cpe:2.3:a:akaunting:akaunting:1.2.1
-
cpe:2.3:a:akaunting:akaunting:1.2.10
-
cpe:2.3:a:akaunting:akaunting:1.2.11
-
cpe:2.3:a:akaunting:akaunting:1.2.12
-
cpe:2.3:a:akaunting:akaunting:1.2.13
-
cpe:2.3:a:akaunting:akaunting:1.2.14
-
cpe:2.3:a:akaunting:akaunting:1.2.15
-
cpe:2.3:a:akaunting:akaunting:1.2.16
-
cpe:2.3:a:akaunting:akaunting:1.2.2
-
cpe:2.3:a:akaunting:akaunting:1.2.3
-
cpe:2.3:a:akaunting:akaunting:1.2.4
-
cpe:2.3:a:akaunting:akaunting:1.2.5
-
cpe:2.3:a:akaunting:akaunting:1.2.6
-
cpe:2.3:a:akaunting:akaunting:1.2.7
-
cpe:2.3:a:akaunting:akaunting:1.2.8
-
cpe:2.3:a:akaunting:akaunting:1.2.9
-
cpe:2.3:a:akaunting:akaunting:1.3.0
-
cpe:2.3:a:akaunting:akaunting:1.3.1
-
cpe:2.3:a:akaunting:akaunting:1.3.10
-
cpe:2.3:a:akaunting:akaunting:1.3.11
-
cpe:2.3:a:akaunting:akaunting:1.3.12
-
cpe:2.3:a:akaunting:akaunting:1.3.13
-
cpe:2.3:a:akaunting:akaunting:1.3.14
-
cpe:2.3:a:akaunting:akaunting:1.3.15
-
cpe:2.3:a:akaunting:akaunting:1.3.16
-
cpe:2.3:a:akaunting:akaunting:1.3.17
-
cpe:2.3:a:akaunting:akaunting:1.3.2
-
cpe:2.3:a:akaunting:akaunting:1.3.3
-
cpe:2.3:a:akaunting:akaunting:1.3.4
-
cpe:2.3:a:akaunting:akaunting:1.3.5
-
cpe:2.3:a:akaunting:akaunting:1.3.6
-
cpe:2.3:a:akaunting:akaunting:1.3.7
-
cpe:2.3:a:akaunting:akaunting:1.3.8
-
cpe:2.3:a:akaunting:akaunting:1.3.9
-
cpe:2.3:a:akaunting:akaunting:2.0.0
-
cpe:2.3:a:akaunting:akaunting:2.0.1
-
cpe:2.3:a:akaunting:akaunting:2.0.2
-
cpe:2.3:a:akaunting:akaunting:2.0.3
-
cpe:2.3:a:akaunting:akaunting:2.0.4
-
cpe:2.3:a:akaunting:akaunting:2.0.5
-
cpe:2.3:a:akaunting:akaunting:2.0.6
-
cpe:2.3:a:akaunting:akaunting:2.0.7
-
cpe:2.3:a:akaunting:akaunting:2.0.8
-
cpe:2.3:a:akaunting:akaunting:2.0.9