SQL-Ledger/LedgerSMB Template Editing File Parameter Directory Traversal Vulnerability
|
Bugtraq ID:
|
22769
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Mar 01 2007 12:00AM
|
|
Updated:
|
Mar 01 2007 09:25PM
|
|
Credit:
|
Chris Travers is credited with the discovery of this vulnerability.
|
|
Vulnerable:
|
SQL-Ledger SQL-Ledger 2.6.21
SQL-Ledger SQL-Ledger 2.6.19
SQL-Ledger SQL-Ledger 2.6.18
SQL-Ledger SQL-Ledger 2.6.17
SQL-Ledger SQL-Ledger 2.4.7
LedgerSMB LedgerSMB 1.1
LedgerSMB LedgerSMB 1.1
LedgerSMB LedgerSMB 1.0 p1
LedgerSMB LedgerSMB 1.0
|
|
|
|
Not Vulnerable:
|
LedgerSMB LedgerSMB 1.1.5
|
|
