HIGH🇬🇧 English

CVE-2009-4402

CVSS 7.5v2.0pub. 2009-12-23upd. 2026-04-23

The default configuration of SQL-Ledger 2.8.24 allows remote attackers to perform unspecified administrative operations by providing an arbitrary password to the admin interface.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Sql Ledger

    APP
    Sql-Ledger
    2.8.24
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2008-4077HIGH7.8ten sam produkt

The CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allow remote attac...

CVE-2007-1923HIGH7.5ten sam produkt

(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked...

CVE-2007-1541HIGH7.5ten sam produkt

Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only checks for the presence of a NULL (%00) c...

CVE-2007-1437HIGH9.0ten sam produkt

Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger before 2.6.25 allows remote attackers to ov...

CVE-2007-1436HIGH7.5ten sam produkt

Unspecified vulnerability in admin.pl in SQL-Ledger before 2.6.26 and LedgerSMB before 1.1.9 allows remote att...