Lucene search
+L

206 matches found

Packet Storm
Packet Storm
added 2006/09/13 12:0 a.m.52 views

LedgerSMB.txt

Hi all; Summary: A directory transversal issue was found in LedgerSMB 1.0.0 involving the terminal variable. This vulnerability was inherited from the SQL-Ledger codebase. Due to the fact that SQL-Ledger has a built-in text editor, this issue could result in arbitrary code execution on the server...

7.5CVSS6.4AI score0.01811EPSS
Exploits4
CVE
CVE
added 2006/09/13 12:0 a.m.67 views

CVE-2006-4731

CVE-2006-4731 is a directory traversal vulnerability in SQL-Ledger (before 2.6.19) and LedgerSMB (before 1.0.0p1). Remote attackers could cause arbitrary Perl code execution by supplying a terminal parameter value containing ../, as reported across multiple advisories. Related OpenVAS entries con...

5CVSS7.5AI score0.05734EPSS
Exploits0References11Affected Software2
securityvulns
securityvulns
added 2006/09/13 12:0 a.m.57 views

LedgerSMB 1.0.0 and SQL-Ledger 2.6.18 and earler arbitrary code execution

Hi all; Summary: A directory transversal issue was found in LedgerSMB 1.0.0 involving the terminal variable. This vulnerability was inherited from the SQL-Ledger codebase. Due to the fact that SQL-Ledger has a built-in text editor, this issue could result in arbitrary code execution on the server...

7.5CVSS1.6AI score0.01811EPSS
Exploits4
Cvelist
Cvelist
added 2006/09/13 12:0 a.m.30 views

CVE-2006-4731

Multiple directory traversal vulnerabilities in 1 login.pl and 2 admin.pl in a SQL-Ledger before 2.6.19 and b LedgerSMB before 1.0.0p1 allow remote attackers to execute arbitrary Perl code via an unspecified terminal parameter value containing ../ dot dot slash...

7.5AI score0.05734EPSS
Exploits0References11
exploitpack
exploitpack
added 2006/09/12 12:0 a.m.12 views

SQL-Ledger 2.6.xLedgerSMB 1.0 - Terminal Directory Traversal

SQL-Ledger 2.6.xLedgerSMB 1.0 - Terminal Directory Traversal source: https://www.securityfocus.com/bid/19960/info SQL-Ledger and LedgerSMB are prone to a remote directory-traversal vulnerability. An attacker can exploit this issue to include arbitrary files located on the vulnerable computer in t...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2006/09/12 12:0 a.m.40 views

SQL-Ledger 2.6.x/LedgerSMB 1.0 - 'Terminal' Directory Traversal

source: https://www.securityfocus.com/bid/19960/info SQL-Ledger and LedgerSMB are prone to a remote directory-traversal vulnerability. An attacker can exploit this issue to include arbitrary files located on the vulnerable computer in the context of the webserver process. The attacker may be able...

7.4AI score
Exploits0
Rows per page
Query Builder