CVE-2007-1540
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-1540
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Directory traversal vulnerability in am.pl in (1) SQL-Ledger 2.6.27 and earlier, and (2) LedgerSMB before 1.2.0, allows remote attackers to run arbitrary executables and bypass authentication via a .. (dot dot) sequence and trailing NULL (%00) in the login parameter. NOTE: this issue was reportedly addressed in SQL-Ledger 2.6.27, however third-party researchers claim that the file is still executed even though an error is generated.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
LedgerSMB/SQL-Ledger am.pl 目录遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
(1)SQL-Ledger 2.6.27及之前版本和(2)LedgerSMB 1.2.0之前版本的am.pl中存在目录遍历漏洞。远程攻击者可以借助登陆参数中的..序列和拖动的空(%00),运行任意可执行程序和绕过身份认证。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-1540
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-1540
Please Login to view more intelligence information
- http://sql-ledger.com/cgi-bin/nav.pl?page=news.html&title=What%27s%20Newx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2007-1540
Same Patch Batch · n/a · 2007-03-20 · 63 CVEs total
| CVE-2005-4833 | IBM WebSphere应用服务器源码泄露漏洞 | |
| CVE-2007-1510 | Particle Blogger Post.PHP SQL注入漏洞 | |
| CVE-2007-1513 | GrafX Company Website Builder Pro Comanda.PHP 远程文件包含漏洞 | |
| CVE-2007-1512 | Microsoft Windows 多个产品 MFC组件 栈缓冲区溢出漏洞 | |
| CVE-2007-1511 | FrontBase关系数据库服务器create procedure远程栈溢出漏洞 | |
| CVE-2006-7167 | ProRat 远程登录 身份认证绕过漏洞 | |
| CVE-2006-7166 | IBM WebSphere应用服务器源码泄露漏洞 | |
| CVE-2006-7165 | IBM WebSphere应用服务器源码泄露漏洞 | |
| CVE-2006-7164 | IBM WebSphere SimpleFileServlet 信息泄露漏洞 | |
| CVE-2005-4834 | IBM WebSphere应用服务器源码泄露漏洞 | |
| CVE-2006-7168 | PHPBB Add Name Module Not_Mem.PHP 安全漏洞 | |
| CVE-2007-1536 | File(1)工具file_printf整数溢出漏洞 | |
| CVE-2007-1535 | Microsoft Windows Vista Teredo 地址 配置错误漏洞 | |
| CVE-2007-1534 | Microsoft Windows Vista Windows Meeting Space 未明漏洞 | |
| CVE-2007-1533 | Microsoft Windows Vista Teredo UDP 设计错误漏洞 | |
| CVE-2007-1532 | Microsoft Windows Vista neighbor discovery implementation 重定向攻击漏洞 | |
| CVE-2007-1531 | Microsoft Windows Vista ARP表项拒绝服务漏洞 | |
| CVE-2007-1530 | Microsoft Windows Vista LLTD Mapper 远程拒绝服务漏洞 | |
| CVE-2007-1529 | Microsoft Windows Vista LLTD Responder 信息包欺骗漏洞 | |
| CVE-2007-1528 | Microsoft Windows Vista LLTD Mapper 安全限制绕过漏洞 |
Showing top 20 of 63 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2007-1540
No comments yet