Lucene search

[email protected]CVE-2006-4731

HistorySep 13, 2006 - 12:07 a.m.

CVE-2006-4731

2006-09-1300:07:00

[email protected]

web.nvd.nist.gov

cve

2006

4731

directory traversal

admin.pl

sql-ledger

ledgersmb

remote code execution

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.5 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.0%

JSON

Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger before 2.6.19 and (b) LedgerSMB before 1.0.0p1 allow remote attackers to execute arbitrary Perl code via an unspecified terminal parameter value containing …/ (dot dot slash).

Affected configurations

NVD

Node

dws_systems_inc.sql-ledgerMatch2.2.0

dws_systems_inc.sql-ledgerMatch2.2.1

dws_systems_inc.sql-ledgerMatch2.2.2

dws_systems_inc.sql-ledgerMatch2.2.3

dws_systems_inc.sql-ledgerMatch2.2.4

dws_systems_inc.sql-ledgerMatch2.2.5

dws_systems_inc.sql-ledgerMatch2.2.6

dws_systems_inc.sql-ledgerMatch2.2.7

dws_systems_inc.sql-ledgerMatch2.4.0

dws_systems_inc.sql-ledgerMatch2.4.1

dws_systems_inc.sql-ledgerMatch2.4.2

dws_systems_inc.sql-ledgerMatch2.4.3

dws_systems_inc.sql-ledgerMatch2.4.4

dws_systems_inc.sql-ledgerMatch2.4.5

dws_systems_inc.sql-ledgerMatch2.4.6

dws_systems_inc.sql-ledgerMatch2.4.7

dws_systems_inc.sql-ledgerMatch2.4.8

dws_systems_inc.sql-ledgerMatch2.4.9

dws_systems_inc.sql-ledgerMatch2.4.10

dws_systems_inc.sql-ledgerMatch2.4.11

dws_systems_inc.sql-ledgerMatch2.4.12

dws_systems_inc.sql-ledgerMatch2.4.13

dws_systems_inc.sql-ledgerMatch2.4.14

dws_systems_inc.sql-ledgerMatch2.4.15

dws_systems_inc.sql-ledgerMatch2.4.16

dws_systems_inc.sql-ledgerMatch2.6.1

dws_systems_inc.sql-ledgerMatch2.6.2

dws_systems_inc.sql-ledgerMatch2.6.3

dws_systems_inc.sql-ledgerMatch2.6.4

dws_systems_inc.sql-ledgerMatch2.6.5

dws_systems_inc.sql-ledgerMatch2.6.6

dws_systems_inc.sql-ledgerMatch2.6.7

dws_systems_inc.sql-ledgerMatch2.6.8

dws_systems_inc.sql-ledgerMatch2.6.9

dws_systems_inc.sql-ledgerMatch2.6.10

dws_systems_inc.sql-ledgerMatch2.6.11

dws_systems_inc.sql-ledgerMatch2.6.12

dws_systems_inc.sql-ledgerMatch2.6.13

dws_systems_inc.sql-ledgerMatch2.6.14

dws_systems_inc.sql-ledgerMatch2.6.15

dws_systems_inc.sql-ledgerMatch2.6.16

dws_systems_inc.sql-ledgerMatch2.6.17

dws_systems_inc.sql-ledgerMatch2.6.18

ledgersmbledgersmbRange≤1.0.0

CPENameOperatorVersion
dws_systems_inc.:sql-ledgerdws systems inc. sql-ledgereq2.2.0
dws_systems_inc.:sql-ledgerdws systems inc. sql-ledgereq2.2.1
dws_systems_inc.:sql-ledgerdws systems inc. sql-ledgereq2.2.2
dws_systems_inc.:sql-ledgerdws systems inc. sql-ledgereq2.2.3
dws_systems_inc.:sql-ledgerdws systems inc. sql-ledgereq2.2.4
dws_systems_inc.:sql-ledgerdws systems inc. sql-ledgereq2.2.5
dws_systems_inc.:sql-ledgerdws systems inc. sql-ledgereq2.2.6
dws_systems_inc.:sql-ledgerdws systems inc. sql-ledgereq2.2.7
dws_systems_inc.:sql-ledgerdws systems inc. sql-ledgereq2.4.0
dws_systems_inc.:sql-ledgerdws systems inc. sql-ledgereq2.4.1

CPE	Name	Operator	Version
dws_systems_inc.:sql-ledger	dws systems inc. sql-ledger	eq	2.2.0
dws_systems_inc.:sql-ledger	dws systems inc. sql-ledger	eq	2.2.1
dws_systems_inc.:sql-ledger	dws systems inc. sql-ledger	eq	2.2.2
dws_systems_inc.:sql-ledger	dws systems inc. sql-ledger	eq	2.2.3
dws_systems_inc.:sql-ledger	dws systems inc. sql-ledger	eq	2.2.4
dws_systems_inc.:sql-ledger	dws systems inc. sql-ledger	eq	2.2.5
dws_systems_inc.:sql-ledger	dws systems inc. sql-ledger	eq	2.2.6
dws_systems_inc.:sql-ledger	dws systems inc. sql-ledger	eq	2.2.7
dws_systems_inc.:sql-ledger	dws systems inc. sql-ledger	eq	2.4.0
dws_systems_inc.:sql-ledger	dws systems inc. sql-ledger	eq	2.4.1