CVE-2007-1923

2007-04-10T19:19:00
ID CVE-2007-1923
Type cve
Reporter NVD
Modified 2018-10-16T12:41:27

Description

(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote attackers to access restricted functionality via direct requests.