CVE-2007-5372
CVE Descriptions
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 10 | AV:N/AC:L/Au:N/C:C/I:C/A:C | nvd@nist.gov |
EPSS
EPSS Score
EPSS Percentile
Products Mentioned
Configuraton 0
Dws_systems_inc.>>Sql-ledger >> Version 2.2.0
Dws_systems_inc.>>Sql-ledger >> Version 2.2.1
Dws_systems_inc.>>Sql-ledger >> Version 2.2.2
Dws_systems_inc.>>Sql-ledger >> Version 2.2.3
Dws_systems_inc.>>Sql-ledger >> Version 2.2.4
Dws_systems_inc.>>Sql-ledger >> Version 2.2.5
Dws_systems_inc.>>Sql-ledger >> Version 2.2.6
Dws_systems_inc.>>Sql-ledger >> Version 2.2.7
Dws_systems_inc.>>Sql-ledger >> Version 2.4.0
Dws_systems_inc.>>Sql-ledger >> Version 2.4.1
Dws_systems_inc.>>Sql-ledger >> Version 2.4.2
Dws_systems_inc.>>Sql-ledger >> Version 2.4.3
Dws_systems_inc.>>Sql-ledger >> Version 2.4.4
Dws_systems_inc.>>Sql-ledger >> Version 2.4.5
Dws_systems_inc.>>Sql-ledger >> Version 2.4.6
Dws_systems_inc.>>Sql-ledger >> Version 2.4.7
Dws_systems_inc.>>Sql-ledger >> Version 2.4.8
Dws_systems_inc.>>Sql-ledger >> Version 2.4.9
Dws_systems_inc.>>Sql-ledger >> Version 2.4.10
Dws_systems_inc.>>Sql-ledger >> Version 2.4.11
Dws_systems_inc.>>Sql-ledger >> Version 2.4.12
Dws_systems_inc.>>Sql-ledger >> Version 2.4.13
Dws_systems_inc.>>Sql-ledger >> Version 2.4.14
Dws_systems_inc.>>Sql-ledger >> Version 2.4.15
Dws_systems_inc.>>Sql-ledger >> Version 2.4.16
Dws_systems_inc.>>Sql-ledger >> Version 2.6.1
Dws_systems_inc.>>Sql-ledger >> Version 2.6.2
Dws_systems_inc.>>Sql-ledger >> Version 2.6.3
Dws_systems_inc.>>Sql-ledger >> Version 2.6.4
Dws_systems_inc.>>Sql-ledger >> Version 2.6.5
Dws_systems_inc.>>Sql-ledger >> Version 2.6.6
Dws_systems_inc.>>Sql-ledger >> Version 2.6.7
Dws_systems_inc.>>Sql-ledger >> Version 2.6.8
Dws_systems_inc.>>Sql-ledger >> Version 2.6.9
Dws_systems_inc.>>Sql-ledger >> Version 2.6.10
Dws_systems_inc.>>Sql-ledger >> Version 2.6.11
Dws_systems_inc.>>Sql-ledger >> Version 2.6.12
Dws_systems_inc.>>Sql-ledger >> Version 2.6.13
Dws_systems_inc.>>Sql-ledger >> Version 2.6.14
Dws_systems_inc.>>Sql-ledger >> Version 2.6.15
Dws_systems_inc.>>Sql-ledger >> Version 2.6.16
Dws_systems_inc.>>Sql-ledger >> Version 2.6.17
Dws_systems_inc.>>Sql-ledger >> Version 2.6.18
Dws_systems_inc.>>Sql-ledger >> Version 2.6.27
Ledgersmb>>Ledgersmb >> Version 1.0.0
- Ledgersmb>>Ledgersmb >> Version 1.0.0 (Open CPE detail)
Ledgersmb>>Ledgersmb >> Version 1.1.0
Ledgersmb>>Ledgersmb >> Version 1.1.1
- Ledgersmb>>Ledgersmb >> Version 1.1.1 (Open CPE detail)
Ledgersmb>>Ledgersmb >> Version 1.1.5
Ledgersmb>>Ledgersmb >> Version 1.1.8
Ledgersmb>>Ledgersmb >> Version 1.2.0
- Ledgersmb>>Ledgersmb >> Version 1.2.0 (Open CPE detail)
Ledgersmb>>Ledgersmb >> Version 1.2.1
- Ledgersmb>>Ledgersmb >> Version 1.2.1 (Open CPE detail)
Ledgersmb>>Ledgersmb >> Version 1.2.2
- Ledgersmb>>Ledgersmb >> Version 1.2.2 (Open CPE detail)
Ledgersmb>>Ledgersmb >> Version 1.2.3
- Ledgersmb>>Ledgersmb >> Version 1.2.3 (Open CPE detail)
Ledgersmb>>Ledgersmb >> Version 1.2.4
- Ledgersmb>>Ledgersmb >> Version 1.2.4 (Open CPE detail)
Ledgersmb>>Ledgersmb >> Version 1.2.5
- Ledgersmb>>Ledgersmb >> Version 1.2.5 (Open CPE detail)
Ledgersmb>>Ledgersmb >> Version 1.2.6
- Ledgersmb>>Ledgersmb >> Version 1.2.6 (Open CPE detail)
Ledgersmb>>Ledgersmb >> Version 1.2.7
- Ledgersmb>>Ledgersmb >> Version 1.2.7 (Open CPE detail)
References
Tags : mailing-list, x_refsource_BUGTRAQ
