CNNVD-202512-2061 Information

CNNVD ID

CNNVD-202512-2061

Related CVE

CVE-2024-58293

• CNNVD Published: 2025-12-11

Description (Chinese)

Akaunting是Akaunting公司的一个应用软件提供一个在线管理资金所需的所有工具。 Akaunting 3.1.8版本存在安全漏洞，该漏洞源于多个表单输入字段存在服务器端模板注入，可能导致执行模板表达式。

Description (English)

Akaunting is an Akaunting application that provides all the tools needed to manage funds online. There is a security gap in version Akaunting 3.1.8, which stems from the injection of server-end templates into multiple form input fields, which may lead to the execution of template expressions.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Akaunting

Published

2025-12-11

Last Modified

2026-02-24

References

https://akaunting.com/forum https://www.exploit-db.com/exploits/52030 https://www.softaculous.com/apps/erp/Akaunting https://www.vulncheck.com/advisories/akaunting-server-side-template-injection-via-multiple-form-fields