PublicDate: 2008-09-15 15:14:00 UTC
Candidate: CVE-2008-4078
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4078
Description:
 SQL injection vulnerability in the AR/AP transaction report in (1)
 LedgerSMB (LSMB) before 1.2.15 and (2) SQL-Ledger 2.8.17 and earlier allows
 remote authenticated users to execute arbitrary SQL commands via
 unspecified vectors.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_sql-ledger:
upstream_sql-ledger: released (2.8.17)
dapper_sql-ledger: ignored (reached end-of-life)
feisty_sql-ledger: needed (reached end-of-life)
gutsy_sql-ledger: needed (reached end-of-life)
hardy_sql-ledger: ignored (reached end-of-life)
intrepid_sql-ledger: needed (reached end-of-life)
jaunty_sql-ledger: not-affected (2.8.18-1)
karmic_sql-ledger: not-affected (2.8.18-1)
lucid_sql-ledger: not-affected (2.8.18-1)
maverick_sql-ledger: not-affected (2.8.18-1)
natty_sql-ledger: not-affected (2.8.18-1)
oneiric_sql-ledger: not-affected (2.8.18-1)
devel_sql-ledger: not-affected (2.8.18-1)