Frontaccounting: >> Frontaccounting Security Vulnerabilities
Multiple PHP remote file inclusion vulnerabilities in FrontAccounting (FA) 1.13, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter to (1) access/login.php and (2) includes/lang/language.php, different vectors than CVE-2007-4279.
CVSS Score
9.3
EPSS Score
0.03
Published
2007-09-27
PHP remote file inclusion vulnerability in config.php in FrontAccounting 1.12 Build 31 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter.
CVSS Score
7.5
EPSS Score
0.686
Published
2007-08-09
Page 2