CVE-2006-4731
Summary
Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger before 2.6.19 and (b) LedgerSMB before 1.0.0p1 allow remote attackers to execute arbitrary Perl code via an unspecified terminal parameter value containing ../ (dot dot slash).
- LOW
- NETWORK
- NONE
- PARTIAL
- NONE
- NONE
References
Advisory Timeline
- Published