CVE-2010-2911
CVE-2010-2911 affects Kayako eSupport 3.70.02. Affected component: index.php ; vulnerability: SQL injection via the newsid parameter in a viewnews action. Root cause: improper input handling leading to arbitrary SQL execution. Impact: data exposure/modification possible depending on DB privileges...