Unrated severityNVD Advisory· Published Apr 10, 2007· Updated Jun 16, 2026
CVE-2007-1923
CVE-2007-1923
Description
(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote attackers to access restricted functionality via direct requests. The LedgerSMB affected versions are before 1.3.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- cpe:2.3:a:sql-ledger:sql-ledger:-:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
7- securityreason.com/securityalert/2552nvdThird Party Advisory
- www.securityfocus.com/archive/1/464880/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/23352nvdBroken LinkThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/33494nvdThird Party AdvisoryVDB Entry
- osvdb.org/38217nvdBroken Link
- osvdb.org/38218nvdBroken Link
- github.com/ledgersmb/LedgerSMB/blob/master/ChangelognvdRelease Notes
News mentions
0No linked articles in our index yet.