CVE-2026-40521 | FrontAccounting up to 2.4.19 PHP File unique_name path traversal
A vulnerability, which was classified as critical, has been found in FrontAccounting up to 2.4.19. This affects an unknown function of the component PHP File Handler. Performing a manipulation of the argument unique_name results in path traversal.
This vulnerability was named CVE-2026-40521. The attack may be initiated remotely. There is no available exploit.
It is advisable to upgrade the affected component.VulDB Recent EntriesRead More