cerberusHelp.txt

Title: Cerberus Helpdesk multiple vulnerabilities. Severity: Medium Affected: cerberus-gui 2.649, support-center 2.6493.2.0pr2 Problem type: remote Author: Alejandro Ramos Description: ------------------------------------------------------------------------------- Cerberus Helpdesk is a WebGroup...

CVE-2005-4427

Multiple SQL injection vulnerabilities in Cerberus Helpdesk allow remote attackers to execute arbitrary SQL commands via the 1 fileid parameter to attachmentsend.php, 2 the $addy variable in emailparser.php, 3 $address variable in emailparser.php, 4 $aaddress variable in structs.php, 5 kbid...

CVE-2005-3502

attachmentsend.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified fileid parameter...

CVE-2005-3502

attachmentsend.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified fileid parameter...

CVE-2005-3502

The CVE-2005-3502 entry concerns Cerberus Helpdesk: the attachment_send.php component is vulnerable to an unauthorized access flaw where a modified file_id parameter lets remote attackers view attachments and tickets of other users. The available sources confirm the affected product and the acces...