Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql-ledger sql-ledger 2.8.24 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3583
Directory traversal vulnerability in the Preferences menu item in SQL-Ledger 2.8.24 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the countrycode field.
Sql-ledger Sql-ledger 2.8.24
NA
CVE-2009-4402
The default configuration of SQL-Ledger 2.8.24 allows remote malicious users to perform unspecified administrative operations by providing an arbitrary password to the admin interface.
Sql-ledger Sql-ledger 2.8.24
NA
CVE-2009-3580
Cross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger 2.8.24 allows remote malicious users to hijack the authentication of arbitrary users for requests that change a password via the login, new_password, and confirm_password parameters in a preferences action.
Sql-ledger Sql-ledger 2.8.24
NA
CVE-2009-3581
Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via (1) the DCN Description field in the Accounts Receivables menu item for Add Transaction, (2) the Description field in the Accounts ...
Sql-ledger Sql-ledger 2.8.24
NA
CVE-2009-3582
Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operatio...
Sql-ledger Sql-ledger 2.8.24
NA
CVE-2009-3584
SQL-Ledger 2.8.24 does not set the secure flag for the session cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an http session.
Sql-ledger Sql-ledger 2.8.24
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-9553
CVE-2024-47332
CVE-2024-47360
remote code execution
CVE-2024-45409
CVE-2024-45519
overflow
CVE-2024-47371
stored XSS
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started