Dws Systems Inc. Sql-ledger — known CVE vulnerabilities
Every CVE whose affected-product data names Dws Systems Inc. Sql-ledger, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2007-5372 — CVSS 10.0 (critical): Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to…
CVE-2006-5872 — CVSS 7.5 (high): login.pl in SQL-Ledger before 2.6.21 and LedgerSMB before 1.1.5 allows remote attackers to execute arbitrary Perl code via the "-e" flag in…
CVE-2006-4731 — CVSS 5.0 (medium): Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger before 2.6.19 and (b) LedgerSMB before…
CVE-2006-4798 — CVSS 5.0 (medium): SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a…