Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ledgersmb ledgersmb 1.1.5 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2007-1437
Unspecified vulnerability in LedgerSMB prior to 1.1.5 and SQL-Ledger prior to 2.6.25 allows remote malicious users to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns f...
Ledgersmb Ledgersmb 1.0.0
Sql-ledger Sql-ledger
Ledgersmb Ledgersmb 1.1.0
Ledgersmb Ledgersmb 1.1.1
10
CVSSv2
CVE-2007-1329
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB prior to 1.1.5, allows remote malicious users to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blackli...
Sql-ledger Sql-ledger 2.6.25
Ledgersmb Ledgersmb
10
CVSSv2
CVE-2007-5372
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 up to and including 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote malicious users to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
Dws Systems Inc. Sql-ledger 2.2.7
Dws Systems Inc. Sql-ledger 2.4.0
Dws Systems Inc. Sql-ledger 2.4.15
Dws Systems Inc. Sql-ledger 2.4.16
Dws Systems Inc. Sql-ledger 2.4.8
Dws Systems Inc. Sql-ledger 2.4.9
Dws Systems Inc. Sql-ledger 2.6.16
Dws Systems Inc. Sql-ledger 2.6.17
Dws Systems Inc. Sql-ledger 2.6.6
Dws Systems Inc. Sql-ledger 2.6.7
Ledgersmb Ledgersmb 1.1.8
Ledgersmb Ledgersmb 1.2.0
Dws Systems Inc. Sql-ledger 2.2.0
Dws Systems Inc. Sql-ledger 2.2.1
Dws Systems Inc. Sql-ledger 2.4.1
Dws Systems Inc. Sql-ledger 2.4.10
Dws Systems Inc. Sql-ledger 2.4.2
Dws Systems Inc. Sql-ledger 2.4.3
Dws Systems Inc. Sql-ledger 2.6.1
Dws Systems Inc. Sql-ledger 2.6.10
Dws Systems Inc. Sql-ledger 2.6.18
Dws Systems Inc. Sql-ledger 2.6.2
7.5
CVSSv2
CVE-2007-1436
Unspecified vulnerability in admin.pl in SQL-Ledger prior to 2.6.26 and LedgerSMB prior to 1.1.9 allows remote malicious users to bypass authentication via unknown vectors that prevents a password check from occurring.
Sql-ledger Sql-ledger 2.4.10
Sql-ledger Sql-ledger 2.4.11
Sql-ledger Sql-ledger 2.4.6
Sql-ledger Sql-ledger 2.4.7
Sql-ledger Sql-ledger 2.6.12
Sql-ledger Sql-ledger 2.6.13
Sql-ledger Sql-ledger 2.6.2
Sql-ledger Sql-ledger 2.6.21
Ledgersmb Ledgersmb
Sql-ledger Sql-ledger
Sql-ledger Sql-ledger 2.4.12
Sql-ledger Sql-ledger 2.4.13
Sql-ledger Sql-ledger 2.4.8
Sql-ledger Sql-ledger 2.4.9
Sql-ledger Sql-ledger 2.6.14
Sql-ledger Sql-ledger 2.6.15
Sql-ledger Sql-ledger 2.6.3
Sql-ledger Sql-ledger 2.6.4
Sql-ledger Sql-ledger 2.6.5
Ledgersmb Ledgersmb 1.1.1
Ledgersmb Ledgersmb 1.1.5
Sql-ledger Sql-ledger 2.4.4
6.5
CVSSv2
CVE-2007-0667
The redirect function in Form.pm for (1) LedgerSMB prior to 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872.
Sql-ledger Sql-ledger 2.6.19
Sql-ledger Sql-ledger 2.6.21
Sql-ledger Sql-ledger 2.6.25
Ledgersmb Ledgersmb
Sql-ledger Sql-ledger 2.6.17
Sql-ledger Sql-ledger 2.6.18
Sql-ledger Sql-ledger 2.4.7
7.5
CVSSv2
CVE-2006-5872
login.pl in SQL-Ledger prior to 2.6.21 and LedgerSMB prior to 1.1.5 allows remote malicious users to execute arbitrary Perl code via the "-e" flag in the script parameter, which is used as an argument to the perl program.
Dws Systems Inc. Sql-ledger 2.6.27
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started