Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Multiple Vulnerabilities: LedgerSMB < 1.2.15
Sep 10 2008 01:02AM
Chris Travers (chris travers gmail com)
Multiple vulnerabilities: LedgerSMB
Synopsis: Two vulnerabilities announced in LedgerSMB for versions
prior to 1.2.15
Status: Corrected in version 1.2.15 and later (vendor fix available).
Impact: Resource exhaustion on server, arbitrary SQL command execution.
Other software affected: SQL-Ledge...
[ more ]
Copyright 2010, SecurityFocus