Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ledgersmb ledgersmb vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-1923
(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote malicious users to access restricted functionality via direct requests. The LedgerSMB affected versions are prior to 1.3.0.
Ledgersmb Ledgersmb
Sql-ledger Sql-ledger -
4.3
CVSSv2
CVE-2007-1540
Directory traversal vulnerability in am.pl in (1) SQL-Ledger 2.6.27 and previous versions, and (2) LedgerSMB prior to 1.2.0, allows remote malicious users to run arbitrary executables and bypass authentication via a .. (dot dot) sequence and trailing NULL (%00) in the login param...
Sql-ledger Sql-ledger
Ledgersmb Ledgersmb
1 EDB exploit
7.5
CVSSv2
CVE-2007-1436
Unspecified vulnerability in admin.pl in SQL-Ledger prior to 2.6.26 and LedgerSMB prior to 1.1.9 allows remote malicious users to bypass authentication via unknown vectors that prevents a password check from occurring.
Sql-ledger Sql-ledger 2.4.10
Sql-ledger Sql-ledger 2.4.11
Sql-ledger Sql-ledger 2.4.6
Sql-ledger Sql-ledger 2.4.7
Sql-ledger Sql-ledger 2.6.12
Sql-ledger Sql-ledger 2.6.13
Sql-ledger Sql-ledger 2.6.2
Sql-ledger Sql-ledger 2.6.21
Ledgersmb Ledgersmb
Sql-ledger Sql-ledger
Sql-ledger Sql-ledger 2.4.12
Sql-ledger Sql-ledger 2.4.13
Sql-ledger Sql-ledger 2.4.8
Sql-ledger Sql-ledger 2.4.9
Sql-ledger Sql-ledger 2.6.14
Sql-ledger Sql-ledger 2.6.15
Sql-ledger Sql-ledger 2.6.3
Sql-ledger Sql-ledger 2.6.4
Sql-ledger Sql-ledger 2.6.5
Ledgersmb Ledgersmb 1.1.1
Ledgersmb Ledgersmb 1.1.5
Sql-ledger Sql-ledger 2.4.4
9
CVSSv2
CVE-2007-1437
Unspecified vulnerability in LedgerSMB prior to 1.1.5 and SQL-Ledger prior to 2.6.25 allows remote malicious users to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns f...
Ledgersmb Ledgersmb 1.0.0
Sql-ledger Sql-ledger
Ledgersmb Ledgersmb 1.1.0
Ledgersmb Ledgersmb 1.1.1
10
CVSSv2
CVE-2007-1329
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB prior to 1.1.5, allows remote malicious users to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blackli...
Sql-ledger Sql-ledger 2.6.25
Ledgersmb Ledgersmb
6.5
CVSSv2
CVE-2007-0667
The redirect function in Form.pm for (1) LedgerSMB prior to 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872.
Sql-ledger Sql-ledger 2.6.19
Sql-ledger Sql-ledger 2.6.21
Sql-ledger Sql-ledger 2.6.25
Ledgersmb Ledgersmb
Sql-ledger Sql-ledger 2.6.17
Sql-ledger Sql-ledger 2.6.18
Sql-ledger Sql-ledger 2.4.7
7.5
CVSSv2
CVE-2006-5872
login.pl in SQL-Ledger prior to 2.6.21 and LedgerSMB prior to 1.1.5 allows remote malicious users to execute arbitrary Perl code via the "-e" flag in the script parameter, which is used as an argument to the perl program.
Dws Systems Inc. Sql-ledger 2.6.27
7.5
CVSSv2
CVE-2006-5589
Multiple SQL injection vulnerabilities in LedgerSMB (LSMB) 1.1.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via unspecified vectors in (1) OE.pm, (2) AM.pm, and (3) Form.pm.
Ledgersmb Ledgersmb 1.0.0
Ledgersmb Ledgersmb
5
CVSSv2
CVE-2006-4731
Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger prior to 2.6.19 and (b) LedgerSMB prior to 1.0.0p1 allow remote malicious users to execute arbitrary Perl code via an unspecified terminal parameter value containing ../ (dot dot slash...
Dws Systems Inc. Sql-ledger 2.6.14
Dws Systems Inc. Sql-ledger 2.4.10
Dws Systems Inc. Sql-ledger 2.4.7
Dws Systems Inc. Sql-ledger 2.2.3
Dws Systems Inc. Sql-ledger 2.6.12
Dws Systems Inc. Sql-ledger 2.2.5
Dws Systems Inc. Sql-ledger 2.4.6
Dws Systems Inc. Sql-ledger 2.6.15
Dws Systems Inc. Sql-ledger 2.6.6
Dws Systems Inc. Sql-ledger 2.6.3
Dws Systems Inc. Sql-ledger 2.4.12
Dws Systems Inc. Sql-ledger 2.6.13
Dws Systems Inc. Sql-ledger 2.4.14
Dws Systems Inc. Sql-ledger 2.6.1
Dws Systems Inc. Sql-ledger 2.6.16
Dws Systems Inc. Sql-ledger 2.2.0
Dws Systems Inc. Sql-ledger 2.6.11
Dws Systems Inc. Sql-ledger 2.2.6
Dws Systems Inc. Sql-ledger 2.4.13
Dws Systems Inc. Sql-ledger 2.4.5
Dws Systems Inc. Sql-ledger 2.4.11
Dws Systems Inc. Sql-ledger 2.6.18
1 EDB exploit
7.5
CVSSv2
CVE-2006-4244
SQL-Ledger 2.4.4 up to and including 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote malicious users to gain access as any logged-in user by setting the cookie and the par...
Sql-ledger Sql-ledger 2.6.16
Sql-ledger Sql-ledger 2.4.5
Sql-ledger Sql-ledger 2.6.6
Sql-ledger Sql-ledger 2.6.11
Sql-ledger Sql-ledger 2.4.7
Sql-ledger Sql-ledger 2.6.1
Sql-ledger Sql-ledger 2.6.15
Sql-ledger Sql-ledger 2.4.8
Sql-ledger Sql-ledger 2.6.9
Sql-ledger Sql-ledger 2.6.0
Sql-ledger Sql-ledger 2.6.12
Sql-ledger Sql-ledger 2.6.3
Sql-ledger Sql-ledger 2.4.9
Sql-ledger Sql-ledger 2.6.17
Sql-ledger Sql-ledger 2.4.4
Sql-ledger Sql-ledger 2.6.14
Sql-ledger Sql-ledger 2.4.6
Sql-ledger Sql-ledger 2.4.10
Sql-ledger Sql-ledger 2.4.13
Sql-ledger Sql-ledger 2.6.4
Sql-ledger Sql-ledger 2.4.16
Sql-ledger Sql-ledger 2.6.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2