Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql-ledger sql-ledger 2.6.27 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2007-1541
Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only checks for the presence of a NULL (%00) character to protect against directory traversal attacks, which allows remote malicious users to run arbitrary executables and bypass authentication via a .. (dot dot) seq...
Sql-ledger Sql-ledger 2.6.27
890
VMScore
CVE-2007-5372
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 up to and including 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote malicious users to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
Dws Systems Inc. Sql-ledger 2.2.7
Dws Systems Inc. Sql-ledger 2.4.0
Dws Systems Inc. Sql-ledger 2.4.15
Dws Systems Inc. Sql-ledger 2.4.16
Dws Systems Inc. Sql-ledger 2.4.8
Dws Systems Inc. Sql-ledger 2.4.9
Dws Systems Inc. Sql-ledger 2.6.16
Dws Systems Inc. Sql-ledger 2.6.17
Dws Systems Inc. Sql-ledger 2.6.6
Dws Systems Inc. Sql-ledger 2.6.7
Ledgersmb Ledgersmb 1.1.8
Ledgersmb Ledgersmb 1.2.0
Dws Systems Inc. Sql-ledger 2.2.0
Dws Systems Inc. Sql-ledger 2.2.1
Dws Systems Inc. Sql-ledger 2.4.1
Dws Systems Inc. Sql-ledger 2.4.10
Dws Systems Inc. Sql-ledger 2.4.2
Dws Systems Inc. Sql-ledger 2.4.3
Dws Systems Inc. Sql-ledger 2.6.1
Dws Systems Inc. Sql-ledger 2.6.10
Dws Systems Inc. Sql-ledger 2.6.18
Dws Systems Inc. Sql-ledger 2.6.2
435
VMScore
CVE-2007-1540
Directory traversal vulnerability in am.pl in (1) SQL-Ledger 2.6.27 and previous versions, and (2) LedgerSMB prior to 1.2.0, allows remote malicious users to run arbitrary executables and bypass authentication via a .. (dot dot) sequence and trailing NULL (%00) in the login param...
Sql-ledger Sql-ledger
Ledgersmb Ledgersmb
1 EDB exploit
668
VMScore
CVE-2006-5872
login.pl in SQL-Ledger prior to 2.6.21 and LedgerSMB prior to 1.1.5 allows remote malicious users to execute arbitrary Perl code via the "-e" flag in the script parameter, which is used as an argument to the perl program.
Dws Systems Inc. Sql-ledger 2.6.27
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started