LedgerSMB Unspecified SQL Injection Vulnerabilities

LedgerSMB is prone to multiple unspecified SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query.

A successful attack could allow an attacker to compromise the application, access or modify data, gain administrative access to the application, or exploit vulnerabilities in the underlying database implementation.

LedgerSMB 1.1.0 is vulnerable to these issues; other versions may be vulnerable as well.


 

Copyright 2010, SecurityFocus