CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Pgobject-Util-Dbadmin Project: >> Pgobject-Util-Dbadmin Security Vulnerabilities

CVE-2018-9246

The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or restore() function. The vulnerability allows unauthorized users to execute code with the same privileges as the running application.

CVSS Score

9.8

EPSS Score

0.01

Published

2018-06-08

Page 1

Vulnerabilities

Vulnerable Software

Pgobject-Util-Dbadmin Project: >> Pgobject-Util-Dbadmin Security Vulnerabilities

Products

Pricing

Contact Us