CVE-2007-1923

Name of the Vulnerable Software and Affected Versions LedgerSMB versions prior to 1.3.0 DWS Systems SQL-Ledger (affected versions not specified)

Description The issue allows remote attackers to access restricted functionality via direct requests, as access control lists are implemented by changing the set of URLs linked from menus.

Recommendations For LedgerSMB versions prior to 1.3.0, update to version 1.3.0 or later to resolve the issue. For DWS Systems SQL-Ledger, at the moment, there is no information about a newer version that contains a fix for this vulnerability.