High severity7.5NVD Advisory· Published Dec 28, 2018· Updated Jun 17, 2026
CVE-2018-1000890
CVE-2018-1000890
Description
FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 2.4.5
- Range: = 2.4.5
Patches
Vulnerability mechanics
References
2- github.com/FrontAccountingERP/FA/issues/37nvdExploitThird Party Advisory
- www.exploit-db.com/exploits/46037nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.