{"id":"CVE-2007-0667","details":"The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872.","modified":"2026-04-10T03:38:41.849997Z","published":"2007-02-02T21:28:00Z","references":[{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2007/0407"},{"type":"WEB","url":"http://securityreason.com/securityalert/2217"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/458464/100/0/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/459264/100/0/threaded"},{"type":"WEB","url":"http://www.securityfocus.com/bid/22295"}],"schema_version":"1.7.5"}