|
|
CVE Reference: CVE-2007-3907 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3907 |
|
|
Description: Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through 1.2.6 allows remote attackers to bypass authentication and perform certain actions as an arbitrary user via unspecified vectors involving a URL with a redirect parameter value, along with a callback parameter containing an escaped URL that specifies the action. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/35507 SAID Secunia Advisory: SA26121 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=523576&group_id=175965 http://www.ledgersmb.org/node/52 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/473987/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/473993/100/0/threaded BID 24940 |
|
| Return to the previous page. |
