← Back

Pgobject Util Dbadmin

pgobject-util-dbadmin

Vendor: Pgobject Util Dbadmin Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-9246
2Ledgersmb
Pgobject Util Dbadmin Project
2Ledgersmb
Pgobject Util Dbadmin
Nov 21, 2024
Jun 8, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injecti...Show more
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or restore() function. The vulnerability allows unauthorized users to execute code with the same privileges as the running application.Show less