Vulnerabilities > SQL Ledger > SQL Ledger > 2.6.25

DATE CVE VULNERABILITY TITLE RISK
2007-03-07 CVE-2007-1329 Directory Traversal vulnerability in LedgerSMB
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via .
network
low complexity
ledgersmb sql-ledger
critical
 10.0
10
2007-02-02 CVE-2007-0667 The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872.
network
low complexity
ledgersmb sql-ledger
6.5
6.5