CVE-2018-7176 in FrontAccountinginfo

Summary

FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding a user account via admin/users.php (aka the "add user" feature of the User Permissions page).

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

02/15/2018

Disclosure

02/15/2018

Moderation

VulDB entry created

Entries

1: VDB-113501

CPE

ready

CWE

CWE-352 (Confirmed)

Exploit

Download

CVSS

6.5

EPSS

0.00176

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-7176
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-7176
CVE Details	https://www.cvedetails.com/cve/CVE-2018-7176/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!