CVE-2024-22836

Published February 8th, 2024

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECTS

Description

An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can manipulate the company locale when installing an app to execute system commands on the hosting server.

akaunting/akaunting

Online Accounting Software

GitHub

9.85K

u32i/cve

Details about some vulnerabilities I've discovered.

GitHub