CVE-2018-9246

The CVE-2018-9246 issue affects the PGObject::Util::DBAdmin Perl module prior to 0.120.0, used in LedgerSMB up to 1.5.x. It inadequately sanitizes/escapes variables used in shell commands, enabling shell code injection via create(), run_file(), backup(), or restore(). This allows an attacker to e...