CVE-2006-5872

EPSS 1.5%

Published: 12/18/2006Modified: 4/28/2026

Also known as:DEBIAN-CVE-2006-5872

Description

login.pl in SQL-Ledger before 2.6.21 and LedgerSMB before 1.1.5 allows remote attackers to execute arbitrary Perl code via the "-e" flag in the script parameter, which is used as an argument to the perl program.

Affected packages (1)

Debian/sql-ledgerfrom 0, < 2.6.21-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-5872