cbcvebase.
CVE-2007-1540
published 2007-03-20

CVE-2007-1540: Directory traversal vulnerability in am.pl in (1) SQL-Ledger 2.6.27 and earlier, and (2) LedgerSMB before 1.2.0, allows remote attackers to run arbitrary…

PriorityP430medium4.3CVSS 2.0
AVNACMAuNCPINAN
EXPLOIT
EPSS
4.94%
91.1th percentile
Directory traversal vulnerability in am.pl in (1) SQL-Ledger 2.6.27 and earlier, and (2) LedgerSMB before 1.2.0, allows remote attackers to run arbitrary executables and bypass authentication via a .. (dot dot) sequence and trailing NULL (%00) in the login parameter. NOTE: this issue was reportedly addressed in SQL-Ledger 2.6.27, however third-party researchers claim that the file is still executed even though an error is generated.

Affected

7 ranges
VendorProductVersion rangeFixed in
debiansql-ledger< sql-ledger 2.8.14-1 (bookworm)sql-ledger 2.8.14-1 (bookworm)
ledgersmbledgersmb<= 1.1.8
sql-ledgersql-ledger<= 2.6.27
sql-ledgersql-ledger>= 0 < 2.8.14-12.8.14-1
sql-ledgersql-ledger>= 0 < 2.8.14-12.8.14-1
sql-ledgersql-ledger>= 0 < 2.8.14-12.8.14-1
sql-ledgersql-ledger>= 0 < 2.8.14-12.8.14-1

CVSS provenance

nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
osv4.3MEDIUM
vendor_debian4.3LOW
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.