mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 17:22:02 +00:00
823 B
823 B
CVE-2018-1000890
Description
FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application.
POC
Reference
- https://github.com/FrontAccountingERP/FA/issues/37
- https://github.com/FrontAccountingERP/FA/issues/37
- https://www.exploit-db.com/exploits/46037
- https://www.exploit-db.com/exploits/46037
Github
No PoCs found on GitHub currently.