2 matches found
CVE-2007-1541
Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only checks for the presence of a NULL %00 character to protect against directory traversal attacks, which allows remote attackers to run arbitrary executables and bypass authentication via a .. dot dot sequence in the login paramete...
CVE-2007-1541
CVE-2007-1541 concerns SQL-Ledger 2.6.27 and is a directory traversal vulnerability in the am.pl script. The issue arises because validation only filters for a NULL (%00) character, allowing remote attackers to bypass authentication and access via a .. sequence in the login parameter. Multiple so...