10 matches found
EUVD-2006-6143
Malware in sbrugna...
Improper access control
Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request...
CVE-2008-6057
Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request...
CVE-2008-6057
The vulnerability CVE-2008-6057 affects Doug Luxem Liberum Help Desk 0.97.3, where the database file db/helpdesk2000.mdb is stored under the web root with insufficient access control. This allows remote attackers to obtain passwords via a direct request. The NVD entry lists a base score of 5.0 (M...
Liberum Help Desk 0.97.3 (SQL/DD) Remote Vulnerabilities
No description provided by source. Liberum Help Desk SQL/DD Multiple Remote Vulnerabilities author : Cold z3ro, www.hackteach.org Dork : "Liberum Help Desk, Copyright C 2001 Doug Luxem" ============== SQL Injection http://www.site.com/path/forgotpass.asp In uid insert SQL command's = SCMD == ' or...
CVE-2006-6161
Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id and 2 uid parameter to a inout/status.asp, b inout/update.asp, and c forgotpass.asp. NOTE: The provenance of this information is unknown;...
CVE-2006-6161
The CVE-2006-6161 entry affects Doug Luxem’s Liberum Help Desk, specifically versions 0.97.3 and earlier. It describes multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) uid parameters to (a) inout/status.asp, (b) inout/upda...
CVE-2006-6160
The CVE-2006-6160 entry applies to Doug Luxem Liberum Help Desk, version 0.97.3 and earlier, where a SQL injection flaw exists in details.asp that allows remote attackers to execute arbitrary SQL commands through the id parameter. The vulnerability is verified by public records (NVD) and related ...
CVE-2005-1839
The CVE-2005-1839 entry documents multiple SQL injection vulnerabilities in Doug Luxem’s Liberum Help Desk 0.97.3. The flaws allow remote attackers to inject arbitrary SQL via the id parameter to three pages: view.asp, print.asp, and the edit parameter to register.asp. The NVD metrics show a CVSS...
CVE-2005-1839
Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 view.asp or 2 print.asp or 3 edit parameter to register.asp...