LedgerSMB Versions Prior to 1.2.15 Multiple Remote Vulnerabilities

LedgerSMB is prone to multiple unspecified SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query.

A successful attack could allow an attacker to consume an excessive amount of resources, compromise the affected application, access or modify data, or exploit vulnerabilities in the underlying database.

Versions prior to LedgerSMB 1.2.15 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus