CVE-2004-1413

2004-12-31T05:00:00
ID CVE-2004-1413
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:31:00

Description

Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow remote attackers to execute arbitrary SQL commands via the (1) subcat, (2) rate, (3) questiondetails, (4) ticketkey22, (5) email22 parameters to index.php, or (6) the e-mail field of the Forgot Key feature.