Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
http://secunia.com/advisories/58848
http://frontaccounting.com/wb3/pages/posts/release-2.3.21201.php