Description

Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

CVE-2014-3973

Related Vulnerabilities

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0216)

Oracle JRE CVE-2018-2641 Vulnerability (CVE-2018-2641)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-5621)

Oracle Database Server CVE-2010-0853 Vulnerability (CVE-2010-0853)

concrete5 Improper Input Validation Vulnerability (CVE-2017-18195)

Severity

High

Classification

CVE-2014-3973

Tags

Missing Update Known Vulnerabilities