Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/21 10:18 p.m.5 views

CVE-2006-6999

attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files by providing the file number in a modified id parameter...

4.3CVSS6.9AI score0.01037EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 10:13 p.m.5 views

CVE-2006-6998

install/loaderhelp.php in Headstart Solutions DeskPRO allows remote attackers to obtain configuration information via a q=phpinfo QUERYSTRING, which calls the phpinfo function...

5CVSS6.7AI score0.01076EPSS
Exploits0References1
Prion
Prion
added 2007/08/18 9:17 p.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Headstart Solutions DeskPRO 3.0.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters to 1 techs.php, 2 ticketcategory.php, 3 ticketpriority.php, 4 ticketworkflow.php, 5 ticketescalate.php, 6...

3.5CVSS5.8AI score0.00842EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2007/08/18 9:17 p.m.15 views

CVE-2007-4413

Direct static code injection vulnerability in admincp/userhelp.php in Headstart Solutions DeskPRO 3.0.2 allows remote authenticated users to inject arbitrary PHP code into an unspecified file via a newentry value in the do parameter...

3.5CVSS6.8AI score0.00847EPSS
Exploits0References3
CVE
CVE
added 2007/08/18 9:0 p.m.55 views

CVE-2007-4412

CVE-2007-4412 describes multiple cross-site scripting (XSS) vulnerabilities in Headstart Solutions DeskPRO 3.0.2. The issues allow remote authenticated users to inject arbitrary script/HTML via unspecified parameters to a set of PHP scripts (techs.php, ticket_category.php, ticket_priority.php, ti...

3.5CVSS5.6AI score0.00842EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2007/02/12 5:28 p.m.21 views

CVE-2006-6998

install/loaderhelp.php in Headstart Solutions DeskPRO allows remote attackers to obtain configuration information via a q=phpinfo QUERYSTRING, which calls the phpinfo function...

5CVSS6.3AI score0.01076EPSS
Exploits0References1
NVD
NVD
added 2007/02/12 5:28 p.m.12 views

CVE-2006-6999

attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files by providing the file number in a modified id parameter...

4.3CVSS6.5AI score0.01037EPSS
Exploits1References1
CVE
CVE
added 2007/02/12 5:0 p.m.41 views

CVE-2006-6998

CVE-2006-6998 affects Headstart Solutions DeskPRO. The vulnerable file is install/loader_help.php, which can be accessed with a q=phpinfo QUERY_STRING to trigger phpinfo, allowing remote attackers to obtain configuration information. Documented impact is Partial Confidentiality with no integrity/...

5CVSS6.3AI score0.01076EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder