Lucene search

[email protected]CVE-2002-0932

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-0932

2002-10-0404:00:00

[email protected]

web.nvd.nist.gov

sql injection

myhelpdesk

security vulnerability

unauthorized access

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

8.3 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.0%

JSON

SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the “id” parameter for the operations (1) detailticket, (2) editticket, or (3) updateticketlog.

Affected configurations

NVD

Node

luis_bernardomyhelpdeskRange≤2002-05-09

CPENameOperatorVersion
luis_bernardo:myhelpdeskluis bernardo myhelpdeskle2002-05-09

CPE	Name	Operator	Version
luis_bernardo:myhelpdesk	luis bernardo myhelpdesk	le	2002-05-09

References

archives.neohapsis.com/archives/bugtraq/2002-06/0057.html

www.iss.net/security_center/static/9321.php

www.securityfocus.com/bid/4971

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

8.3 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.0%

JSON

Related for CVE-2002-0932

nvd1 cvelist1