Description
FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application.
Remediation
References
Related Vulnerabilities
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-5659)
Joomla! Core Security Bypass (2.5.0 - 3.9.18)
Joomla Improper Input Validation Vulnerability (CVE-2006-1957)
Apache HTTP Server CVE-2004-0786 Vulnerability (CVE-2004-0786)
WordPress Plugin Quotes Collection Cross-Site Scripting (2.0.5)