CVE-2006-5589

Published: Oct 27, 2006Modified: Apr 23, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Multiple SQL injection vulnerabilities in LedgerSMB (LSMB) 1.1.0 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors in (1) OE.pm, (2) AM.pm, and (3) Form.pm.

Affected (2)

Products: Ledgersmb: Ledgersmb

Ledgersmb

1 product

Ledgersmb

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ledgersmb Ledgersmb	Up to 1.1.0
Ledgersmb Ledgersmb	Version 1.0.0

References (10)

http://secunia.com/advisories/22483

Source: cve@mitre.org

Vendor Advisory

http://sourceforge.net/project/shownotes.php?release_id=456803

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/464789/100/200/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/20749

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/4209

Source: cve@mitre.org

http://secunia.com/advisories/22483