CVE-2007-1923

2007-04-10T23:19:00
ID CVE-2007-1923
Type cve
Reporter cve@mitre.org
Modified 2018-10-16T16:41:00

Description

(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote attackers to access restricted functionality via direct requests.