Directory Traversal Vulnerability in SQL-Ledger Products by Ledge, Inc.
CVE-2009-3583

Currently unrated

Key Information:

Vendor: Sql-ledger
Status: Sql-ledger
Vendor: CVE Published:; 23 December 2009

What is CVE-2009-3583?

A directory traversal vulnerability has been identified in SQL-Ledger 2.8.24, which permits remote attackers to include and execute arbitrary local files through crafted input in the countrycode field. This flaw could potentially allow an attacker to exploit the application by manipulating the input parameters, leading to unauthorized access to sensitive files within the server's directory structure. Organizations using affected versions should assess their vulnerability and apply necessary patches to mitigate this risk.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/54967

vdb-entryx_refsource_XF

http://www.securityfocus.com/archive/1/508559/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/37877

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 23, 2009
Vulnerability Reserved
Oct 7, 2009

CVE-2009-3583 Data

JSON

Sql-ledger

What is CVE-2009-3583?

References

Timeline