CVE-2007-3907
CVE-2007-3907 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
Unspecified vulnerability in login.pl in LedgerSMB 1.2.0 through 1.2.6 allows remote attackers to bypass authentication and perform certain actions as an arbitrary user via unspecified vectors involving a URL with a redirect parameter value, along with a callback parameter containing an escaped URL that specifies the action.
Learn more about our User Device Pen Test.