PT-2006-5570 · Sql Ledger · Sql-Ledger

Chris Travers

Published

2006-09-14

Updated

2017-07-20

CVE-2006-4798

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions SQL-Ledger versions prior to 2.4.4

Description The issue allows context-dependent attackers to potentially obtain a password via a Referer field or browser history because the password is stored in a query string.

Recommendations For versions prior to 2.4.4, update to version 2.4.4 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-4798

Affected Products

Sql-Ledger

PT-2006-5570 · Sql Ledger · Sql-Ledger

CVE-2006-4798

Related Identifiers

Affected Products

References · 7