Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv2

CVE-2007-0667

Published: 02/02/2007 Updated: 16/10/2018
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Sql-ledger

Vulnerability Summary

The redirect function in Form.pm for (1) LedgerSMB prior to 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872.

Vulnerable Product Search on Vulmon Subscribe to Product

sql-ledger sql-ledger 2.6.19

sql-ledger sql-ledger 2.6.21

sql-ledger sql-ledger 2.6.25

ledgersmb ledgersmb

sql-ledger sql-ledger 2.6.17

sql-ledger sql-ledger 2.6.18

sql-ledger sql-ledger 2.4.7

Vendor Advisories

Debian CVElist Bug Report Logs: SQL-ledger unsafe for use with untrusted users or public installations
Debian Bug report logs - #409703 SQL-ledger unsafe for use with untrusted users or public installations Package: sql-ledger; Maintainer for sql-ledger is Robert James Clay <jame@rocasaus>; Source for sql-ledger is src:sql-ledger (PTS, buildd, popcon) Reported by: Alex de Oliveira Silva <enerv@hostsk> Date: Sun, 4 ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/22295http://securityreason.com/securityalert/2217http://www.vupen.com/english/advisories/2007/0407http://www.securityfocus.com/archive/1/459264/100/0/threadedhttp://www.securityfocus.com/archive/1/458464/100/0/threadedhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=409703https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook