CVE-2006-4244

Name: CVE-2006-4244
Creator: NVD / NIST
Published: 2006-08-31T01:04:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.81%

Last modified Jun 16, 2026

CVE-2006-4244 is a vulnerability of currently unknown severity. SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the same value.. EPSS estimates a 1.81% chance of exploitation in the next 30 days.

Description

SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[username] cookie matches the value of the sessionid parameter, which allows remote attackers to gain access as any logged-in user by setting the cookie and the parameter to the same value.

Metrics

EPSS Probability

1.81%

75.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-287

Affected Software

Vendor	Product	Versions
Sql-Ledger	Sql-Ledger	2.4.4
Sql-Ledger	Sql-Ledger	2.4.5
Sql-Ledger	Sql-Ledger	2.4.6
Sql-Ledger	Sql-Ledger	2.4.7
Sql-Ledger	Sql-Ledger	2.4.8
Sql-Ledger	Sql-Ledger	2.4.9
Sql-Ledger	Sql-Ledger	2.4.10
Sql-Ledger	Sql-Ledger	2.4.11
Sql-Ledger	Sql-Ledger	2.4.12
Sql-Ledger	Sql-Ledger	2.4.13
Sql-Ledger	Sql-Ledger	2.4.14
Sql-Ledger	Sql-Ledger	2.4.15
Sql-Ledger	Sql-Ledger	2.4.16
Sql-Ledger	Sql-Ledger	2.6.0
Sql-Ledger	Sql-Ledger	2.6.1
Sql-Ledger	Sql-Ledger	2.6.2
Sql-Ledger	Sql-Ledger	2.6.3
Sql-Ledger	Sql-Ledger	2.6.4
Sql-Ledger	Sql-Ledger	2.6.5
Sql-Ledger	Sql-Ledger	2.6.6
Sql-Ledger	Sql-Ledger	2.6.7
Sql-Ledger	Sql-Ledger	2.6.8
Sql-Ledger	Sql-Ledger	2.6.9
Sql-Ledger	Sql-Ledger	2.6.10
Sql-Ledger	Sql-Ledger	2.6.11
Sql-Ledger	Sql-Ledger	2.6.12
Sql-Ledger	Sql-Ledger	2.6.13
Sql-Ledger	Sql-Ledger	2.6.14
Sql-Ledger	Sql-Ledger	2.6.15
Sql-Ledger	Sql-Ledger	2.6.16
Sql-Ledger	Sql-Ledger	2.6.17

References

Timeline

Published: Aug 31, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-4244?

How severe is CVE-2006-4244?

Severity scoring for CVE-2006-4244 is pending analysis. The EPSS model estimates a 1.81% probability of exploitation in the next 30 days.

How do I fix CVE-2006-4244?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-4244?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST