CVE-2026-40521 | FrontAccounting up to 2.4.19 PHP File unique_name path traversal

Inserito da Angelo Barbosa | Giu 29, 2026 | CVE

A vulnerability, which was classified as critical, has been found in FrontAccounting up to 2.4.19. This affects an unknown function of the component PHP File Handler. Performing a manipulation of the argument unique_name results in path traversal.

This vulnerability was named CVE-2026-40521. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.

CVE-2026-40521 | FrontAccounting up to 2.4.19 PHP File unique_name path traversal

Post correlati

CVE-2023-45839 | Buildroot 2023.08.1/622698d7847 code download (TALOS-2023-1844)

CVE-2024-53473 | WeGIA up to 3.2.0 Password Change permission (Issue 791)

CVE-2024-8364 | WP Custom Fields Search Plugin up to 1.2.35 on WordPress Shortcode wpcfs-preset cross site scripting

CVE-2026-2848 | SourceCodester Simple Responsive Tourism Website 1.0 Registration Master.php?f=register Username sql injection