RSS   Vulnerabilities for 'Php accounts'   RSS

2007-06-22
 
CVE-2007-3346

 

 
Directory traversal vulnerability in index.php in PHPAccounts 0.5 allows remote attackers to include arbitrary local files via unspecified manipulations of the page parameter.

 
 
CVE-2007-3345

 

 
Multiple SQL injection vulnerabilities in index.php in PHPAccounts 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) Outgoing_Type_ID, (2) Outgoing_ID, (3) Project_ID, (4) Client_ID, (5) Invoice_ID, or (6) Vendor_ID parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top