Vulnerability Database

296,335

Total vulnerabilities in the database

CVE-2007-5372

Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.

  • Published: Oct 11, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-5372
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

OWASP TOP 10:

Software From Fixed in
dws_systems_inc. / sql-ledger 2.6.14 2.6.14.x
dws_systems_inc. / sql-ledger 2.4.10 2.4.10.x
dws_systems_inc. / sql-ledger 2.4.7 2.4.7.x
ledgersmb / ledgersmb 1.1.0 1.1.0.x
ledgersmb / ledgersmb 1.2.7 1.2.7.x
dws_systems_inc. / sql-ledger 2.2.3 2.2.3.x
dws_systems_inc. / sql-ledger 2.6.12 2.6.12.x
dws_systems_inc. / sql-ledger 2.2.5 2.2.5.x
dws_systems_inc. / sql-ledger 2.4.6 2.4.6.x
dws_systems_inc. / sql-ledger 2.6.15 2.6.15.x
dws_systems_inc. / sql-ledger 2.6.6 2.6.6.x
dws_systems_inc. / sql-ledger 2.6.3 2.6.3.x
ledgersmb / ledgersmb 1.2.3 1.2.3.x
ledgersmb / ledgersmb 1.1.5 1.1.5.x
dws_systems_inc. / sql-ledger 2.4.12 2.4.12.x
dws_systems_inc. / sql-ledger 2.6.13 2.6.13.x
dws_systems_inc. / sql-ledger 2.4.14 2.4.14.x
ledgersmb / ledgersmb 1.2.5 1.2.5.x
dws_systems_inc. / sql-ledger 2.6.1 2.6.1.x
ledgersmb / ledgersmb 1.0.0 1.0.0.x
dws_systems_inc. / sql-ledger 2.6.16 2.6.16.x
ledgersmb / ledgersmb 1.2.2 1.2.2.x
dws_systems_inc. / sql-ledger 2.2.0 2.2.0.x
dws_systems_inc. / sql-ledger 2.6.11 2.6.11.x
dws_systems_inc. / sql-ledger 2.2.6 2.2.6.x
dws_systems_inc. / sql-ledger 2.4.13 2.4.13.x
dws_systems_inc. / sql-ledger 2.4.5 2.4.5.x
ledgersmb / ledgersmb 1.2.6 1.2.6.x
dws_systems_inc. / sql-ledger 2.4.11 2.4.11.x
dws_systems_inc. / sql-ledger 2.6.18 2.6.18.x
dws_systems_inc. / sql-ledger 2.4.16 2.4.16.x
dws_systems_inc. / sql-ledger 2.4.1 2.4.1.x
dws_systems_inc. / sql-ledger 2.4.8 2.4.8.x
dws_systems_inc. / sql-ledger 2.6.9 2.6.9.x
dws_systems_inc. / sql-ledger 2.6.4 2.6.4.x
dws_systems_inc. / sql-ledger 2.6.7 2.6.7.x
dws_systems_inc. / sql-ledger 2.4.3 2.4.3.x
ledgersmb / ledgersmb 1.2.0 1.2.0.x
ledgersmb / ledgersmb 1.1.8 1.1.8.x
dws_systems_inc. / sql-ledger 2.2.4 2.2.4.x
dws_systems_inc. / sql-ledger 2.4.4 2.4.4.x
dws_systems_inc. / sql-ledger 2.4.15 2.4.15.x
ledgersmb / ledgersmb 1.2.1 1.2.1.x
ledgersmb / ledgersmb 1.2.4 1.2.4.x
dws_systems_inc. / sql-ledger 2.6.27 2.6.27.x
dws_systems_inc. / sql-ledger 2.4.9 2.4.9.x
dws_systems_inc. / sql-ledger 2.6.17 2.6.17.x
dws_systems_inc. / sql-ledger 2.4.2 2.4.2.x
dws_systems_inc. / sql-ledger 2.2.1 2.2.1.x
dws_systems_inc. / sql-ledger 2.4.0 2.4.0.x
dws_systems_inc. / sql-ledger 2.2.2 2.2.2.x
ledgersmb / ledgersmb 1.1.1 1.1.1.x
dws_systems_inc. / sql-ledger 2.2.7 2.2.7.x
dws_systems_inc. / sql-ledger 2.6.5 2.6.5.x
dws_systems_inc. / sql-ledger 2.6.8 2.6.8.x
dws_systems_inc. / sql-ledger 2.6.10 2.6.10.x
dws_systems_inc. / sql-ledger 2.6.2 2.6.2.x