1 matches found
CVE-2007-5372
Multiple SQL injection vulnerabilities in a LedgerSMB 1.0.0 through 1.2.7 and b DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via 1 the invoice quantity field or 2 the sort field...