Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
LedgerSMB < 1.2.8, SQL-Ledger 2.x Multiple SQL Injection Issues Oct 09 2007 04:31PM
Chris Travers (chris travers gmail com)
Severity: Critical
Effect: Compromise of FInancial Data, deletion of audit trails,
alteration of system settings, disclosure of confidential information
possible in some setups.
Affected products: LedgerSMB 1.0.0-1.2.7 , SQL-Ledger 2.x (all versions).

1: SQL injection issue in invoice quantity ...

[ more ]  




 

Privacy Statement
Copyright 2008, SecurityFocus