Description
PHP remote file inclusion vulnerability in config.php in FrontAccounting 1.12 Build 31 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter.
Remediation
References
Related Vulnerabilities
TYPO3 Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-26229)
WordPress Plugin Images Slideshow by 2J-Image Slider Security Bypass (1.3.31)
WordPress Plugin St-Daily-Tip Cross-Site Request Forgery (4.7)
WordPress Plugin LearnPress-WordPress LMS Cross-Site Request Forgery (3.2.7.2)