Lucene search
+L

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:29 p.m.10 views

CVE-2021-3694

LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure...

9.6CVSS7.2AI score0.02386EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/10/05 12:0 a.m.15 views

Ubuntu: Security Advisory (USN-5097-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.6CVSS7AI score0.03014EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2021/09/30 8:14 p.m.94 views

USN-5097-1: LedgerSMB vulnerabilities

It was discovered that LedgerSMB incorrectly handled certain inputs. An attacker could use this to leak sensitive information, cause a DoS, or execute arbitrary code. CVE-2021-3693, CVE-2021-3694, CVE-2021-3731...

9.6CVSS6.3AI score0.03014EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/08/24 12:0 a.m.23 views

Debian DSA-4962-1 : ledgersmb - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-4962 advisory. Several vulnerabilities were discovered in LedgerSMB, a financial accounting and ERP program, which could result in cross-site scripting or clickjacking. For the...

9.6CVSS5.9AI score0.03014EPSS
Exploits0References9
Debian
Debian
added 2021/08/23 7:23 p.m.46 views

[SECURITY] [DSA 4962-1] ledgersmb security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4962-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 23, 2021 https://www.debian.org/security/faq -...

9.6CVSS7.4AI score0.03014EPSS
Exploits0
NVD
NVD
added 2021/08/23 1:15 p.m.24 views

CVE-2021-3694

LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure...

9.6CVSS0.02386EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/08/23 1:15 p.m.26 views

CVE-2021-3694

LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure...

9.6CVSS7.1AI score0.02386EPSS
Exploits0References6
CVE
CVE
added 2021/08/23 12:41 p.m.75 views

CVE-2021-3694

LedgerSMB has a vulnerability where error messages were not sufficiently HTML-encoded, allowing an authenticated user to exploit a specially crafted URL to trigger remote code execution and information disclosure. The issue is documented across multiple advisories (CVE-2021-3694 and related CVEs)...

9.6CVSS8.8AI score0.02386EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder