Описание
(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote attackers to access restricted functionality via direct requests.
(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote attackers to access restricted functionality via direct requests.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-1923
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33494
- https://github.com/ledgersmb/LedgerSMB/blob/master/Changelog
- http://osvdb.org/38217
- http://osvdb.org/38218
- http://securityreason.com/securityalert/2552
- http://www.securityfocus.com/archive/1/464880/100/0/threaded
- http://www.securityfocus.com/bid/23352
EPSS
CVE ID
Связанные уязвимости
(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote attackers to access restricted functionality via direct requests. The LedgerSMB affected versions are before 1.3.0.
(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote attackers to access restricted functionality via direct requests. The LedgerSMB affected versions are before 1.3.0.
1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control ...
EPSS