CVE-2007-4240

The checklogout function in class/auth.php in Help Center Live hcl 2.1.3a sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to delete administrative users and have other unspecified impact via certain requests to 1...

Help Center Live < 2.1.5 Admin Authentication Bypass

Binary data 4162.prm...

CVE-2007-3180

Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors...

Fedora Core 5 : kdebase-3.5.3-0.3.fc5 (2006-726)

Thu Jun 15 2006 Than Ngo 6:3.5.3-0.3.fc5 - fix BR - Wed Jun 14 2006 Than Ngo 6:3.5.3-0.2.fc5 - apply patch to to fix 194659, CVE-2006-2449 KDM symlink attack vulnerability thanks to KDE security team - Thu Jun 8 2006 Than Ngo 6:3.5.3-0.1.fc5 - update to 3.5.3 - Fri May 12 2006 Than Ngo...

Help Center Live Module.PHP远程目录遍历漏洞

Help Center Live是一款基于PHP的WEB应用程序。 Help Center Live不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是'module.php'脚本对用户提交的"file"参数缺少过滤，提交包含多个"../"字符作为参数数据，可绕过WEB ROOT限制，以WEB进程权限执行任意命令。 Help Center Live Help Center Live 2.1.2 http://www.helpcenterlive.com/...

Help Center Live <= 2.1.2 Directory Traversal

Binary data 3696.prm...

Help Center Live 2.1.2 - &#039;module.php&#039; Directory Traversal

source: https://www.securityfocus.com/bid/19256/info Help Center Live is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to retrieve arbitrary files from the vulnerable system in the context of the affected...

Help Center Live 2.1.2 - module.php Directory Traversal

Help Center Live 2.1.2 - module.php Directory Traversal source: https://www.securityfocus.com/bid/19256/info Help Center Live is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to retrieve arbitrary files...

Help Center Live osTicket Module Multiple Unspecified SQL Injections

The remote host is running Help Center Live, an open source, web-based help desk application written in PHP. The version of Help Center Live installed on the remote host contains a version of osTicket that is affected by multiple SQL injection issues. An unauthenticated attacker may be able to...

Sql injection

Multiple SQL injection vulnerabilities in the osTicket module in Help Center Live before 2.1.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors...

CVE-2006-2039

Multiple SQL injection vulnerabilities in the osTicket module in Help Center Live before 2.1.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors...

CVE-2006-2039

Multiple SQL injection vulnerabilities in the osTicket module in Help Center Live before 2.1.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors...

CVE-2006-2039

CVE-2006-2039 : The osTicket component of Help Center Live prior to 2.1.0 contains multiple SQL injection flaws that allow remote attackers to execute arbitrary SQL commands via unknown vectors. Affected software: Help Center Live with embedded osTicket prior to 2.1.0. Impact described in connect...

Help Center Live module.php local file include flaw

The remote web server contains a PHP script that is affected by a local file file include vulnerability. Description : The remote host is running Help Center Live, a help desk tool written in PHP. The remote version of Help Center Live fails to sanitize input to the SPDX-FileCopyrightText: 2005...

CVE-2006-0525

CVE-2006-0525 affects multiple Adobe products (notably Photoshop CS2, Illustrator CS2, and Adobe Help Center) where a large number of .EXE and .DLL files are installed with write-access for the Everyone group. This local-privilege-escalation vulnerability allows bypassing protections via Trojan h...

CVE-2004-2602

PHP remote file inclusion vulnerability in UberTec Help Center Live HCL before 1.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the HCLpath parameter to pipe.php...

CVE-2004-2602

CVE-2004-2602 affects UberTec Help Center Live (HCL) prior to 1.2.7. It describes a PHP remote file inclusion vulnerability that allows an attacker to execute arbitrary PHP code by passing a URL in the HCL_path parameter to pipe.php. The vulnerability arises from unsafely including user-supplied ...

CVE-2004-2603

CVE-2004-2603 is an XSS vulnerability in the Search module of UberTec Help Center Live (HCL). The flaw allows remote attackers to inject arbitrary web script or HTML via the find parameter to index.php. This description is supported by multiple sources in the connected documents referencing the s...

CVE-2004-2601

PHP remote file inclusion vulnerability in UberTec Help Center Live HCL allows remote attackers to read local files and possibly execute PHP code via a URL in the SKINinner parameter to inc/skin.php...

CVE-2004-2601

UberTec Help Center Live (HCL) is affected by a PHP remote file inclusion vulnerability (CVE-2004-2601). The issue arises from the SKIN_inner parameter in inc/skin.php, which can be manipulated via a URL to read local files and potentially execute PHP code on the server. Impact, per sources, is r...