The remote web server contains a Perl application that is prone to an authentication bypass issue.
The remote host is running LedgerSMB or SQL-Ledger, a web-based double-entry accounting system. The version of LedgerSMB or SQL-Ledger on the remote host contains a design flaw that can be leveraged by a remote attacker to bypass authentication and can gain administrative access of the application.
If using LedgerSMB, upgrade to 1.1.9 or higher. There is no known solution for SQL-Ledger at this time.