CVE-2006-4244
CVE-2006-4244 affects SQL-Ledger versions 2.4.4 through 2.6.17, where authentication relies on a cookie value (sql-ledger-[username]) matching the sessionid parameter. An attacker can gain access as any logged-in user by setting the cookie and sessionid to the same value. Connected advisories con...
CVE-2007-1436
CVE-2007-1436 affects LedgerSMB/SQL-Ledger and concerns an authentication bypass in the admin.pl entry point. The vulnerability allows remote attackers to bypass the password check and gain administrative access via unknown vectors. Affected software is LedgerSMB or SQL-Ledger prior to versions 1...