Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2004-2553

Malware in sbrugna...

7.5CVSS6.4AI score0.01353EPSS
Exploits1References7
seebug.org
seebug.org
added 2006/12/10 12:0 a.m.72 views

LeighBusinessEnterprisesWebHelpDeskSQL注入漏洞

LBE Web Helpdesk是一款可通过WEB浏览器进行操作的Helpdesk系统。LBE Web Helpdesk不正确过滤用户提交的数据,远程攻击者可以利用这个漏洞进行SQL注入攻击,可能获得敏感数据或修改数据库。问题存在于jobedit.asp脚本对用户提交给'id'参数缺少过滤,提交包含恶意SQL命令的数据作为'id'参数,可修改'users'表,增加操作员相等权限的新用户。 Leigh Business Enterprises Web HelpDesk 4.0.0.80 临时解决方法:如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: 在$nick...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2005/11/22 2:0 a.m.17 views

CVE-2004-2562

SQL injection vulnerability in jobedit.asp in Leigh Business Enterprises LBE Web Helpdesk before 4.0.0.81 allows remote attackers to execute arbitrary SQL commands via the id parameter...

8.4AI score0.01353EPSS
Exploits1References6
CVE
CVE
added 2005/11/22 2:0 a.m.50 views

CVE-2004-2562

CVE-2004-2562 describes an SQL injection in Leigh Business Enterprises (LBE) Web Helpdesk’s jobedit.asp via the id parameter. Affected versions are prior to 4.0.0.81. The root cause is improper handling of the id parameter, enabling remote execution of arbitrary SQL commands (impacting confidenti...

7.5CVSS8.8AI score0.01353EPSS
Exploits1References6Affected Software1
Packet Storm
Packet Storm
added 2004/07/24 12:0 a.m.24 views

LBEhelpdesk.txt

LBE Web HelpDesk SQL Injection Summary Leigh Business Enterprises's Web HelpDesk is "operated entirely through your web browser and is designed to be used by both your support staff and your customers". We found the product to contain at least one exploitable SQL Injection vulnerability that woul...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/07/21 12:0 a.m.20 views

Leigh Business Enterprises Web HelpDesk 4.0 - SQL Injection

Leigh Business Enterprises Web HelpDesk 4.0 - SQL Injection source: https://www.securityfocus.com/bid/10773/info LBE Web HelpDesk is reported susceptible to an SQL injection vulnerability. This issue is due to improper sanitization of user-supplied data. This issue may allow a remote attacker to...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2004/07/21 12:0 a.m.150 views

[NT] LBE Web HelpDesk SQL Injection

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

8.5AI score
Exploits0
Rows per page
Query Builder