Unrated severityNVD Advisory· Published Mar 7, 2007· Updated Jun 16, 2026
CVE-2007-1329
CVE-2007-1329
Description
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blacklisting functions that filter these strings and collapse into .. (dot dot) sequences.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:sql-ledger:sql-ledger:2.6.25:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
8News mentions
0No linked articles in our index yet.