206 matches found
LedgerSMB.txt
Hi all; Summary: A directory transversal issue was found in LedgerSMB 1.0.0 involving the terminal variable. This vulnerability was inherited from the SQL-Ledger codebase. Due to the fact that SQL-Ledger has a built-in text editor, this issue could result in arbitrary code execution on the server...
CVE-2006-4731
CVE-2006-4731 is a directory traversal vulnerability in SQL-Ledger (before 2.6.19) and LedgerSMB (before 1.0.0p1). Remote attackers could cause arbitrary Perl code execution by supplying a terminal parameter value containing ../, as reported across multiple advisories. Related OpenVAS entries con...
LedgerSMB 1.0.0 and SQL-Ledger 2.6.18 and earler arbitrary code execution
Hi all; Summary: A directory transversal issue was found in LedgerSMB 1.0.0 involving the terminal variable. This vulnerability was inherited from the SQL-Ledger codebase. Due to the fact that SQL-Ledger has a built-in text editor, this issue could result in arbitrary code execution on the server...
CVE-2006-4731
Multiple directory traversal vulnerabilities in 1 login.pl and 2 admin.pl in a SQL-Ledger before 2.6.19 and b LedgerSMB before 1.0.0p1 allow remote attackers to execute arbitrary Perl code via an unspecified terminal parameter value containing ../ dot dot slash...
SQL-Ledger 2.6.xLedgerSMB 1.0 - Terminal Directory Traversal
SQL-Ledger 2.6.xLedgerSMB 1.0 - Terminal Directory Traversal source: https://www.securityfocus.com/bid/19960/info SQL-Ledger and LedgerSMB are prone to a remote directory-traversal vulnerability. An attacker can exploit this issue to include arbitrary files located on the vulnerable computer in t...
SQL-Ledger 2.6.x/LedgerSMB 1.0 - 'Terminal' Directory Traversal
source: https://www.securityfocus.com/bid/19960/info SQL-Ledger and LedgerSMB are prone to a remote directory-traversal vulnerability. An attacker can exploit this issue to include arbitrary files located on the vulnerable computer in the context of the webserver process. The attacker may be able...