Vulnerabilities > Pgobject Util Dbadmin Project

DATE CVE VULNERABILITY TITLE RISK
2018-06-08 CVE-2018-9246 Improper Encoding or Escaping of Output vulnerability in multiple products
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or restore() function.
7.5