Vulnerabilities > Pgobject Util Dbadmin Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-08 | CVE-2018-9246 | Improper Encoding or Escaping of Output vulnerability in multiple products The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or restore() function. | 9.8 |