Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ledgersmb ledgersmb 1.1.5 vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2007-1437
Unspecified vulnerability in LedgerSMB prior to 1.1.5 and SQL-Ledger prior to 2.6.25 allows remote malicious users to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns f...
Ledgersmb Ledgersmb 1.1.0
Ledgersmb Ledgersmb 1.0.0
Sql-ledger Sql-ledger
Ledgersmb Ledgersmb 1.1.1
890
VMScore
CVE-2007-1329
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB prior to 1.1.5, allows remote malicious users to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blackli...
Sql-ledger Sql-ledger 2.6.25
Ledgersmb Ledgersmb
890
VMScore
CVE-2007-5372
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 up to and including 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote malicious users to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
Dws Systems Inc. Sql-ledger 2.6.14
Dws Systems Inc. Sql-ledger 2.4.10
Dws Systems Inc. Sql-ledger 2.4.7
Ledgersmb Ledgersmb 1.1.0
Ledgersmb Ledgersmb 1.2.7
Dws Systems Inc. Sql-ledger 2.2.3
Dws Systems Inc. Sql-ledger 2.6.12
Dws Systems Inc. Sql-ledger 2.2.5
Dws Systems Inc. Sql-ledger 2.4.6
Dws Systems Inc. Sql-ledger 2.6.15
Dws Systems Inc. Sql-ledger 2.6.6
Dws Systems Inc. Sql-ledger 2.6.3
Ledgersmb Ledgersmb 1.2.3
Ledgersmb Ledgersmb 1.1.5
Dws Systems Inc. Sql-ledger 2.4.12
Dws Systems Inc. Sql-ledger 2.6.13
Dws Systems Inc. Sql-ledger 2.4.14
Ledgersmb Ledgersmb 1.2.5
Dws Systems Inc. Sql-ledger 2.6.1
Ledgersmb Ledgersmb 1.0.0
Dws Systems Inc. Sql-ledger 2.6.16
Ledgersmb Ledgersmb 1.2.2
668
VMScore
CVE-2007-1436
Unspecified vulnerability in admin.pl in SQL-Ledger prior to 2.6.26 and LedgerSMB prior to 1.1.9 allows remote malicious users to bypass authentication via unknown vectors that prevents a password check from occurring.
Sql-ledger Sql-ledger 2.6.16
Sql-ledger Sql-ledger 2.4.5
Sql-ledger Sql-ledger 2.6.6
Sql-ledger Sql-ledger 2.6.11
Ledgersmb Ledgersmb 1.1.0
Sql-ledger Sql-ledger 2.4.7
Sql-ledger Sql-ledger 2.6.1
Sql-ledger Sql-ledger 2.6.15
Sql-ledger Sql-ledger 2.4.8
Sql-ledger Sql-ledger 2.6.9
Sql-ledger Sql-ledger 2.6.0
Sql-ledger Sql-ledger 2.6.12
Sql-ledger Sql-ledger 2.6.3
Sql-ledger Sql-ledger 2.4.9
Ledgersmb Ledgersmb 1.1.5
Sql-ledger Sql-ledger 2.6.19
Sql-ledger Sql-ledger 2.6.17
Ledgersmb Ledgersmb 1.0.0
Sql-ledger Sql-ledger 2.4.4
Sql-ledger Sql-ledger 2.6.14
Sql-ledger Sql-ledger 2.4.6
Sql-ledger Sql-ledger 2.4.10
578
VMScore
CVE-2007-0667
The redirect function in Form.pm for (1) LedgerSMB prior to 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872.
Sql-ledger Sql-ledger 2.4.7
Sql-ledger Sql-ledger 2.6.19
Sql-ledger Sql-ledger 2.6.17
Sql-ledger Sql-ledger 2.6.25
Sql-ledger Sql-ledger 2.6.18
Ledgersmb Ledgersmb
Sql-ledger Sql-ledger 2.6.21
668
VMScore
CVE-2006-5872
login.pl in SQL-Ledger prior to 2.6.21 and LedgerSMB prior to 1.1.5 allows remote malicious users to execute arbitrary Perl code via the "-e" flag in the script parameter, which is used as an argument to the perl program.
Dws Systems Inc. Sql-ledger 2.6.27
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started