Max CVSS 7.5 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2006-4244 7.5
SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie
17-10-2018 - 21:34 31-08-2006 - 01:04
CVE-2006-4798 5.0
SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history.
20-07-2017 - 01:33 14-09-2006 - 21:07
Back to Top Mark selected
Back to Top