{"id":"CVE-2006-4798","details":"SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history.","modified":"2026-04-10T03:38:32.987212Z","published":"2006-09-14T21:07:00Z","references":[{"type":"EVIDENCE","url":"http://www.securityfocus.com/archive/1/445512"},{"type":"FIX","url":"http://www.securityfocus.com/archive/1/445512"},{"type":"WEB","url":"http://securityreason.com/securityalert/1579"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/28671"}],"schema_version":"1.7.5"}