Lucene search
K

1164 matches found

Exploit DB
Exploit DB
added 2005/06/08 12:0 a.m.21 views

Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/13897/info Cerberus Helpdesk is affected by various cross-site scripting vulnerabilities. These issues could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile...

7.4AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.12 views

CVE-2004-2737

SQL injection vulnerability in problist.asp in NetSupport DNA HelpDesk 1.01 allows remote attackers to execute arbitrary SQL commands via the where parameter...

7.5CVSS8.4AI score0.01002EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.16 views

Cerberus Helpdesk < Cerberus Helpdesk 4.0 Build 603

Binary data 4519.prm...

5CVSS7.3AI score0.01159EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/08/02 12:0 a.m.27 views

Polar HelpDesk Authentication Bypass

The remote server is running Polar HelpDesk. There is a flaw in the remote version of this software that may allow an attacker to bypass the authentication mechanism of this software and gain administrative access. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. UNTESTED...

5CVSS5.6AI score0.0536EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2004/07/24 12:0 a.m.44 views

netsupportDNA.txt

NetSupport DNA HelpDesk SQL Injection Summary DNA Helpdesk is "a fully web based solution providing detailed recording and tracking of user Help Requests". We found the product to contain at least one exploitable SQL Injection vulnerability that would allow a normal user to at the very least gain...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2004/07/24 12:0 a.m.24 views

LBEhelpdesk.txt

LBE Web HelpDesk SQL Injection Summary Leigh Business Enterprises's Web HelpDesk is "operated entirely through your web browser and is designed to be used by both your support staff and your customers". We found the product to contain at least one exploitable SQL Injection vulnerability that woul...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2004/07/24 12:0 a.m.33 views

polarHelp.txt

Polar HelpDesk Inadequate Security Checks Summary Polar HelpDesk is "a software solution for implementation of a help desk support system on your web site". We found the product to inadequately verify whether the user logged on to the system provided username and password or the privileges that t...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/07/21 12:0 a.m.21 views

Leigh Business Enterprises Web HelpDesk 4.0 - SQL Injection

Leigh Business Enterprises Web HelpDesk 4.0 - SQL Injection source: https://www.securityfocus.com/bid/10773/info LBE Web HelpDesk is reported susceptible to an SQL injection vulnerability. This issue is due to improper sanitization of user-supplied data. This issue may allow a remote attacker to...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2004/07/21 12:0 a.m.151 views

[NT] LBE Web HelpDesk SQL Injection

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

8.5AI score
Exploits0
securityvulns
securityvulns
added 2004/07/21 12:0 a.m.37 views

[NT] Polar HelpDesk Inadequate Security Checks

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Exploits0
Exploit DB
Exploit DB
added 2004/07/21 12:0 a.m.26 views

Polar Helpdesk 3.0 - Cookie Based Authentication Bypass

source: https://www.securityfocus.com/bid/10775/info Polar Helpdesk is reported prone to a cookie based authentication system bypass vulnerability. It is reported that the authentication and privilege system for Polar Helpdesk is based entirely on the values read from a cookie that is saved on th...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/07/21 12:0 a.m.38 views

NetSupport DNA HelpDesk 1.0 Problist Script - SQL Injection

source: https://www.securityfocus.com/bid/10772/info An SQL injection vulnerability is identified in the application that may allow attackers to pass malicious input to database queries, resulting in the modification of query logic or other attacks. This vulnerability exists due to insufficient...

7.4AI score
Exploits0
NVD
NVD
added 2003/06/09 4:0 a.m.14 views

CVE-2003-0303

SQL injection vulnerability in one||zero aka One or Zero Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter...

5CVSS7.7AI score0.02531EPSS
Exploits1References3
NVD
NVD
added 2003/06/09 4:0 a.m.17 views

CVE-2003-0304

one||zero aka One or Zero Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script...

10CVSS6.7AI score0.08062EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2003/05/21 12:0 a.m.32 views

OneOrZero Helpdesk tupdate.php sg Parameter SQL Injection

The remote host is running OneOrZero, an online helpdesk. There are multiple flaws in this software that could allow an attacker to insert arbitrary SQL commands in the remote database, or even to gain administrative privileges on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Re...

5CVSS6.1AI score0.02531EPSS
Exploits1References1
Cvelist
Cvelist
added 2003/05/17 4:0 a.m.21 views

CVE-2003-0303

SQL injection vulnerability in one||zero aka One or Zero Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter...

7.7AI score0.02531EPSS
Exploits1References3
CVE
CVE
added 2003/05/17 4:0 a.m.56 views

CVE-2003-0303

CVE-2003-0303 corresponds to a SQL injection in OneOrZero Helpdesk 1.4 RC4. The vulnerability allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter (tupdate.php), affecting the integrity of the helpdesk data without affecting confidentiality. Connected source...

5CVSS7.7AI score0.02531EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2003/05/17 4:0 a.m.27 views

CVE-2003-0304

one||zero aka One or Zero Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script...

6.7AI score0.08062EPSS
Exploits1References2
CVE
CVE
added 2003/05/17 4:0 a.m.43 views

CVE-2003-0304

The CVE-2003-0304 entry concerns One||Zero Helpdesk 1.4 rc4, where remote attackers can create administrator accounts by directly invoking the Helpdesk Installation script (install.php). The vulnerability arises from improper handling of installation script execution, enabling privilege escalatio...

10CVSS7.1AI score0.08062EPSS
Exploits1References2Affected Software1
exploitpack
exploitpack
added 2003/05/15 12:0 a.m.15 views

OneOrZero Helpdesk 1.4 - TUpdate.php SQL Injection

OneOrZero Helpdesk 1.4 - TUpdate.php SQL Injection source: https://www.securityfocus.com/bid/7609/info An SQL injection issue has been reported to affect OneOrZero Helpdesk. The error presents itself in a OneOrZero Helpdesk script that fails to sufficiently sanitize user-supplied input before...

0.4AI score
Exploits0
Rows per page
Query Builder