VYPR
Unrated severityNVD Advisory· Published Sep 15, 2008· Updated Jun 16, 2026

CVE-2008-4078

CVE-2008-4078

Description

SQL injection vulnerability in the AR/AP transaction report in (1) LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ledgersmb:ledgersmb:*:*:*:*:*:*:*:*range: <1.2.15
    • (no CPE)range: <1.2.15
  • cpe:2.3:a:sql-ledger:sql-ledger:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:sql-ledger:sql-ledger:*:*:*:*:*:*:*:*range: <=2.8.17
    • (no CPE)range: <=2.8.17

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.