Unspecified vulnerability in LedgerSMB prior to 1.1.5 and SQL-Ledger prior to 2.6.25 allows remote malicious users to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns from execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ledgersmb ledgersmb 1.0.0 |
||
sql-ledger sql-ledger |
||
ledgersmb ledgersmb 1.1.0 |
||
ledgersmb ledgersmb 1.1.1 |