3 matches found
CVE-2009-0886
Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the defaultlanguage parameter...
CVE-2009-0886
The CVE corresponds to a local file inclusion (LFI) vulnerability in OneOrZero Helpdesk
OneOrZero Helpdesk 'login.php' Local File Include Vulnerability
OneOrZero Helpdesk is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the context of the webserver process. This may aid in further attacks. OneOrZero...