Information on source package sql-ledger

Available versions

ReleaseVersion
bullseye3.2.6-1
bookworm3.2.6-1
trixie3.2.6-1
sid3.2.6-1

Open unimportant issues

BugbullseyebookwormtrixiesidDescription
CVE-2009-4402vulnerablevulnerablevulnerablevulnerableThe default configuration of SQL-Ledger 2.8.24 allows remote attackers ...
CVE-2009-3584vulnerablevulnerablevulnerablevulnerableSQL-Ledger 2.8.24 does not set the secure flag for the session cookie ...
CVE-2009-3583vulnerablevulnerablevulnerablevulnerableDirectory traversal vulnerability in the Preferences menu item in SQL- ...
CVE-2009-3582vulnerablevulnerablevulnerablevulnerableMultiple SQL injection vulnerabilities in the delete subroutine in SQL ...
CVE-2009-3581vulnerablevulnerablevulnerablevulnerableMultiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8. ...
CVE-2009-3580vulnerablevulnerablevulnerablevulnerableCross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger ...
CVE-2008-4078vulnerablevulnerablevulnerablevulnerableSQL injection vulnerability in the AR/AP transaction report in (1) Led ...
CVE-2008-4077vulnerablevulnerablevulnerablevulnerableThe CGI scripts in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledg ...
CVE-2007-5372vulnerablevulnerablevulnerablevulnerableMultiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through ...
CVE-2007-1923vulnerablevulnerablevulnerablevulnerable(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control ...
CVE-2007-1329vulnerablevulnerablevulnerablevulnerableDirectory traversal vulnerability in SQL-Ledger, and LedgerSMB before ...
CVE-2007-0667vulnerablevulnerablevulnerablevulnerableThe redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2 ...

Resolved issues

BugDescription
CVE-2007-1541Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only c ...
CVE-2007-1540Directory traversal vulnerability in am.pl in (1) SQL-Ledger 2.6.27 an ...
CVE-2007-1437Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger bef ...
CVE-2007-1436Unspecified vulnerability in admin.pl in SQL-Ledger before 2.6.26 and ...
CVE-2006-5872login.pl in SQL-Ledger before 2.6.21 and LedgerSMB before 1.1.5 allows ...
CVE-2006-4798SQL-Ledger before 2.4.4 stores a password in a query string, which mig ...
CVE-2006-4731Multiple directory traversal vulnerabilities in (1) login.pl and (2) a ...
CVE-2006-4244SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that ...

Security announcements

DSA / DLADescription
DSA-1239-1sql-ledger

Search for package or bug name: Reporting problems