Security Advisory

CVE-2007-1923

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-04-10 00:00:00

Last updated 2024-08-07 13:13:41

Assigner mitre

State PUBLISHED

Description

(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote attackers to access restricted functionality via direct requests. The LedgerSMB affected versions are before 1.3.0.

← Browse all CVEs View on cve.org ↗