Known Vulnerabilities for products from Frontaccounting
Listed below are 12 of the newest known vulnerabilities associated with the vendor "Frontaccounting".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40524 json | Not Provided | 2026-06-29 | 2026-07-01 | |
| CVE-2026-40523 json | Not Provided | 2026-06-29 | 2026-06-29 | |
| CVE-2026-40522 json | Not Provided | 2026-06-29 | 2026-06-29 | |
| CVE-2026-40521 json | Not Provided | 2026-06-29 | 2026-06-30 | |
| CVE-2020-21244 json | An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admi... | 4.9 - MEDIUM | 2020-09-30 | 2020-10-14 |
| CVE-2019-5720 json | includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that... | 9.8 - CRITICAL | 2019-01-08 | 2019-01-30 |
| CVE-2018-1000890 json | FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.p... | 7.5 - HIGH | 2018-12-28 | 2019-01-30 |
| CVE-2018-7176 json | FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding a user account via admin/users.php (aka the "add user" ... | 8.8 - HIGH | 2018-02-16 | 2018-03-14 |
| CVE-2014-3973 json | Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21 allow remote attackers to execute arbitrary SQL ... | Not Provided | 2014-06-05 | 2026-05-06 |
| CVE-2011-3740 json | FrontAccounting 2.3.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reve... | Not Provided | 2011-09-23 | 2026-04-29 |
| CVE-2009-4046 json | Multiple SQL injection vulnerabilities in FrontAccounting (FA) 2.2.x before 2.2 RC allow remote attackers to execute arbitrar... | Not Provided | 2009-11-20 | 2026-04-23 |
| CVE-2009-4045 json | Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.1.7 allow remote attackers to execute arbitrary SQL c... | Not Provided | 2009-11-20 | 2026-04-23 |
| CVE-2009-4037 json | Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.1.7, and 2.2.x before 2.2 RC, allow remote attackers ... | Not Provided | 2009-11-20 | 2026-04-23 |
| CVE-2007-5148 json | Multiple PHP remote file inclusion vulnerabilities in FrontAccounting (FA) 1.12 allow remote attackers to execute arbitrary P... | Not Provided | 2007-10-01 | 2026-04-23 |
| CVE-2007-5117 json | Multiple PHP remote file inclusion vulnerabilities in FrontAccounting (FA) 1.13, when register_globals is enabled, allow remo... | Not Provided | 2007-09-27 | 2026-04-23 |
| CVE-2007-4279 json | PHP remote file inclusion vulnerability in config.php in FrontAccounting 1.12 Build 31 allows remote attackers to execute arb... | Not Provided | 2007-08-09 | 2026-04-23 |
Known software with vulnerabilities from Frontaccounting
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Frontaccounting | Frontaccounting | 2.3 |