Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
SQL-Ledger serious security vulnerability and workaround
Aug 30 2006 03:12AM
chris metatrontech com
This post is to inform everyone that there is a serious security hole that has been discovered in SQL-Ledger involving session handling. The flaw allows anyone with network access to the server to access the application as any logged in user using trivial mechanisms. I have previously broug...
[ more ]
Copyright 2010, SecurityFocus