Known Vulnerabilities for products from Ledgersmb
Listed below are 17 of the newest known vulnerabilities associated with the vendor "Ledgersmb".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs; each product links to its respective vulnerability page.
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-3882 | LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSM... | 6.8 - MEDIUM | 2021-10-14 | 2021-10-20 |
| CVE-2021-3731 | LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allo... | 4.7 - MEDIUM | 2021-08-23 | 2021-08-27 |
| CVE-2021-3694 | LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an auth... | 9.6 - CRITICAL | 2021-08-23 | 2021-08-27 |
| CVE-2021-3693 | LedgerSMB does not check the origin of HTML fragments merged into the browser's DOM. By sending a specially crafted URL to an... | 9.6 - CRITICAL | 2021-08-23 | 2021-08-27 |
| CVE-2018-9246 | The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or e... | 9.8 - CRITICAL | 2018-06-08 | 2018-08-01 |
| CVE-2008-4078 | SQL injection vulnerability in the AR/AP transaction report in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 a... | 6.5 - MEDIUM | 2008-09-15 | 2018-10-11 |
| CVE-2008-4077 | The CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allow remote attackers to cause a... | 7.8 - HIGH | 2008-09-15 | 2018-10-11 |
| CVE-2007-5372 | Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote a... | 10 - HIGH | 2007-10-11 | 2018-10-15 |
| CVE-2007-3907 | Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through 1.2.6 allows remote attackers to bypass authentication and p... | 10 - HIGH | 2007-07-19 | 2018-10-15 |
| CVE-2007-1923 | (1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, wh... | 7.5 - HIGH | 2007-04-10 | 2018-10-16 |
| CVE-2007-1540 | Directory traversal vulnerability in am.pl in (1) SQL-Ledger 2.6.27 and earlier, and (2) LedgerSMB before 1.2.0, allows remot... | 4.3 - MEDIUM | 2007-03-20 | 2018-10-16 |
| CVE-2007-1437 | Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger before 2.6.25 allows remote attackers to overwrite files a... | 9 - HIGH | 2007-03-13 | 2018-10-16 |
| CVE-2007-1436 | Unspecified vulnerability in admin.pl in SQL-Ledger before 2.6.26 and LedgerSMB before 1.1.9 allows remote attackers to bypas... | 7.5 - HIGH | 2007-03-13 | 2018-10-16 |
| CVE-2007-1329 | Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite ar... | 10 - HIGH | 2007-03-07 | 2018-10-16 |
| CVE-2007-0667 | The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execu... | 6.5 - MEDIUM | 2007-02-02 | 2018-10-16 |
| CVE-2006-5589 | Multiple SQL injection vulnerabilities in LedgerSMB (LSMB) 1.1.0 and earlier allow remote attackers to execute arbitrary SQL ... | 7.5 - HIGH | 2006-10-27 | 2018-10-17 |
| CVE-2006-4731 | Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger before 2.6.19 and (b) LedgerS... | 5 - MEDIUM | 2006-09-13 | 2018-10-17 |