Lucene search
HistoryDec 28, 2007 - 12:46 a.m.
CVE-2007-6550
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.164
Percentile
96.1%
form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter.
Affected configurations
Node
pmos_helpdeskpmos_helpdeskRange≤2.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| pmos_helpdesk | pmos_helpdesk | * | cpe:2.3:a:pmos_helpdesk:pmos_helpdesk:*:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2007-12-28 00:46:00
cvelist
cvelist
CVE-2007-6550
2007-12-28 00:00:00
cve
cve
CVE-2007-6550
2007-12-28 00:46:00
nessus
nessus
PMOS Help Desk form.php Arbitrary Code Execution
2007-12-26 00:00:00
exploitdb
exploitdb
PMOS Help Desk 2.4 - Remote Command Execution
2007-12-25 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.164
Percentile
96.1%
Related for NVD:CVE-2007-6550