Secunia Security Advisory – Alexander Klink has reported some vulnerabilities in SQL-Ledger, which can be exploited by malicious people to conduct cross-site request forgery attacks and by malicious users to conduct script insertion and SQL injection attacks, or bypass certain security restrictions.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/84165/sa37877.txt
Source: https://packetstormsecurity.com/files/84165/Secunia-Security-Advisory-37877.html