Known Vulnerabilities for Ledgersmb by Ledgersmb

Listed below are 10 of the newest known vulnerabilities associated with the software "Ledgersmb" by "Ledgersmb".

These CVEs are retrieved based on exact matches on listed software and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed, based on information from known CPEs.

Known Vulnerabilities

| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-3882 | LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSM... | 5.9 - MEDIUM | 2021-10-14 | 2021-10-14 |
| CVE-2021-3731 | LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allo... | 4.7 - MEDIUM | 2021-08-23 | 2021-08-27 |
| CVE-2021-3694 | LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an auth... | 9.6 - CRITICAL | 2021-08-23 | 2021-08-27 |
| CVE-2021-3693 | LedgerSMB does not check the origin of HTML fragments merged into the browser's DOM. By sending a specially crafted URL to an... | 9.6 - CRITICAL | 2021-08-23 | 2021-08-27 |
| CVE-2018-9246 | The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or e... | 9.8 - CRITICAL | 2018-06-08 | 2018-08-01 |
| CVE-2008-4078 | SQL injection vulnerability in the AR/AP transaction report in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 a... | 6.5 - MEDIUM | 2008-09-15 | 2018-10-11 |
| CVE-2008-4077 | The CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a... | 7.8 - HIGH | 2008-09-15 | 2018-10-11 |
| CVE-2007-1436 | Unspecified vulnerability in in SQL-Ledger before 2.6.26 and LedgerSMB before 1.1.9 allows remote attackers to bypas... | 7.5 - HIGH | 2007-03-13 | 2018-10-16 |
| CVE-2007-1329 | Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite ar... | 10 - HIGH | 2007-03-07 | 2018-10-16 |
| CVE-2007-0667 | The redirect function in for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execu... | 6.5 - MEDIUM | 2007-02-02 | 2018-10-16 |

Popular searches for Ledgersmb


LedgerSMB: Repository for the LedgerSMB project -- web app for accounting & ERP


Open Source ERP: accounting, invoicing and more | LedgerSMB

The LedgerSMB project aims to prevent small and mid-size businesses from getting locked in by their accounting software vendor by providing free and open source accounting software, integrating invoicing, order processing, quotations and more (ERP). LedgerSMB aims to provide a strong accounting basis to build your business on. Although the nature of open source projects makes it hard to know where our software is being used, the project is aware of installations in the US, Canada, EU (Netherlands, Hungary, Estonia, United Kingdom), Indonesia, Myanmar, Philippines, Hong Kong, Malaysia, Australia, Barbados and Colombia. This release has a wide variety of improvements and code cleanups: it features faster loading of the menu, fixed migrations from 1.2, the ability to upload a logo into the database and include it in printed documents and much more...


Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registered trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.