Sql-ledger Sql-ledger version 2.8.10 : Security vulnerabilities, CVEs

cpe:2.3:a:sql-ledger:sql-ledger:2.8.10:*:*:*:*:*:*:*

Copy

CVE-2008-4078

SQL injection vulnerability in the AR/AP transaction report in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Max CVSS

6.5

EPSS Score

0.40%

Published

2008-09-15

Updated

2024-02-09

CVE-2008-4077

The CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a denial of service (resource exhaustion) via an HTTP POST request with a large Content-Length.

Max CVSS

7.8

EPSS Score

1.52%

Published

2008-09-15

Updated

2024-02-09

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!