CVE-2007-1436

Unspecified vulnerability in admin.pl in SQL-Ledger before 2.6.26 and LedgerSMB before 1.1.9 allows remote attackers to bypass authentication via unknown vectors that prevents a password check from occurring. This vulnerability is addressed in the following product updates: SQL-Ledger, 2.6.26 LedgerSMB, 1.1.9

Publication date: Wed, 14 Mar 2007 00:19:00 +0000

Cyber News related to CVE-2007-1436

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-1436 - Unspecified vulnerability in admin.pl in SQL-Ledger before 2.6.26 and LedgerSMB before 1.1.9 allows remote attackers to bypass authentication via unknown vectors that prevents a password check from occurring. This vulnerability is addressed in the ...
6 years ago

CVE-2019-1436 - An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1440. ...
5 years ago

CVE-2019-1440 - An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1436. ...
5 years ago

CVE-2002-1436 - The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request. ...
16 years ago

CVE-2006-1436 - Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the (1) Event, (2) Description, (3) Time, (4) Website, and (5) Public Remarks fields to (a) ...
16 years ago

CVE-2012-1436 - The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware ...
12 years ago

CVE-2005-1436 - Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to header.php, (3) the em parameter to ...
11 years ago

CVE-2013-1436 - The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an ...
10 years ago

CVE-1999-1436 - Ray Chan WWW Authorization Gateway 0.1 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "user" parameter. ...
8 years ago

CVE-2009-1436 - The db interface in libc in FreeBSD 6.3, 6.4, 7.0, 7.1, and 7.2-PRERELEASE does not properly initialize memory for Berkeley DB 1.85 database structures, which allows local users to obtain sensitive information by reading a database file. ...
8 years ago

CVE-2016-1436 - The General Packet Radio Switching Tunneling Protocol 1 (aka GTPv1) implementation on Cisco ASR 5000 Packet Data Network Gateway devices before 19.4 allows remote attackers to cause a denial of service (Session Manager process restart) via a crafted ...
8 years ago

CVE-2001-1436 - Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password. New version DS1963S corrects problem. ...
1 year ago

CVE-2003-1436 - PHP remote file inclusion vulnerability in nukebrowser.php in Nukebrowser 2.1 to 2.5 allows remote attackers to execute arbitrary PHP code via the filhead parameter. ...
7 years ago

CVE-2004-1436 - The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and 4.6(1), when a user account is configured with a blank password, allows remote attackers to gain unauthorized access by logging ...
6 years ago

CVE-2008-1436 - Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent attackers to gain privileges by using one service ...
5 years ago

CVE-2015-1436 - Cross-site scripting (XSS) vulnerability in the Easing Slider plugin before 2.2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the (1) easingslider_manage_customizations or (2) ...
5 years ago

CVE-2011-1436 - Google Chrome before 11.0.696.57 on Linux does not properly interact with the X Window System, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. ...
4 years ago

CVE-2021-1436 - A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. This vulnerability is due to insufficient ...
3 years ago

CVE-2020-1436 - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted fonts.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka ...
2 years ago

CVE-2022-1436 - The WPCargo Track & Trace WordPress plugin before 6.9.5 does not sanitise and escape the wpcargo_tracking_number parameter before outputting it back in the page, which could allow attackers to perform reflected Cross-Site Scripting attacks. ...
2 years ago

CVE-2010-1436 - gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2_quota struct occupies two separate pages, which allows local users to cause a denial of service (kernel panic) via certain manipulations that cause ...
1 year ago

CVE-2022-34849 - Uncaught exception in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1436(v2) may allow a privileged user to potentially enable denial of service via local access. ...
1 year ago

CVE-2023-1436 - An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown. ...
1 year ago

CVE-2014-1436 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none ...
55 years ago Tenable.com

Latest Cyber News

BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard's Attacks - 42 minutes ago
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - 2 hours ago
Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords - 3 hours ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - 4 hours ago
Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 5 hours ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 5 hours ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 8 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 8 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 8 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 9 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 9 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 11 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 11 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 12 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 12 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 13 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 14 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 14 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 14 hours ago
CVE-2025-1207 - 14 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard's Attacks - 42 minutes ago
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - 2 hours ago
Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords - 3 hours ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - 4 hours ago
Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 5 hours ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 5 hours ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 8 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 8 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 8 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 9 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 9 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 12 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 14 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 13 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 12 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 11 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 14 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 14 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 11 hours ago
CVE-2023-40721 - 1 day ago