EUVD-2002-0922

Malware in sbrugna...

EUVD-2002-0921

Malware in sbrugna...

MyHelpDesk 20020509 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4970/info It is reported that MyHelpDesk is vulnerable to cross-site scripting attacks. Attackers may exploit this vulnerability by constructing a link to a vulnerable scripts, passing malicious HTML code as a value for...

MyHelpDesk 20020509 SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4971/info It is reported that MyHelpDesk version 20020509 and earlier are vulnerable to SQL injection attacks. Data supplied by the remote user, via CGI parameters, is used directly as part of SQL statements. As input...

MyHelpDesk 20020509 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4967/info It has been reported that MyHelpDesk is vulnerable to HTML injection attacks. MyHelpDesk does not properly sanitize HTML tags from form fields. Attackers may pass arbitrary HTML and script code through the...

CVE-2002-0932

SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations 1 detailticket, 2 editticket, or 3 updateticketlog...

CVE-2002-0931

Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and possibly other versions, allows remote attackers to execute script as other users via a 1 Title or 2 Description when a new ticket is created by a support assistant, via the "id" parameter to the index.php script with the 3...

CVE-2002-0932

SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations 1 detailticket, 2 editticket, or 3 updateticketlog...

CVE-2002-0932

CVE-2002-0932 concerns a SQL injection in index.php of MyHelpDesk 20020509 (and possibly other versions), enabling remote attackers to perform unauthorized actions through SQL code supplied in the id parameter for detailticket, editticket, or updateticketlog. The primary root cause is unsafely co...

CVE-2002-0931

CVE-2002-0931 describes cross-site scripting in MyHelpDesk 20020509 (and possibly other versions). The vulnerability arises when a new ticket is created by a support assistant, where the user-supplied fields (Title or Description) can be exploited via the id parameter to index.php with operations...

CVE-2002-0931

Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and possibly other versions, allows remote attackers to execute script as other users via a 1 Title or 2 Description when a new ticket is created by a support assistant, via the "id" parameter to the index.php script with the 3...

[ARL02-A15] Multiple Security Issues in MyHelpdesk

+/---------------- ALPER Research Labs ------/--------/+ +/---------------- Security Advisory -----/---------/+ +/---------------- ID: ARL02-A15 ----/----------/+ +/---------------- [email protected] ---/-----------/+ Advisory Information -------------------- Name : Multiple Security Issues in...

MyHelpDesk 20020509 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/4970/info It is reported that MyHelpDesk is vulnerable to cross-site scripting attacks. Attackers may exploit this vulnerability by constructing a link to a vulnerable scripts, passing malicious HTML code as a value for unsanitized CGI parameters. If the...

MyHelpDesk 20020509 - HTML Injection

source: https://www.securityfocus.com/bid/4967/info It has been reported that MyHelpDesk is vulnerable to HTML injection attacks. MyHelpDesk does not properly sanitize HTML tags from form fields. Attackers may pass arbitrary HTML and script code through the unsanitized form fields or through...

MyHelpDesk 20020509 - HTML Injection

MyHelpDesk 20020509 - HTML Injection source: https://www.securityfocus.com/bid/4967/info It has been reported that MyHelpDesk is vulnerable to HTML injection attacks. MyHelpDesk does not properly sanitize HTML tags from form fields. Attackers may pass arbitrary HTML and script code through the...

MyHelpDesk 20020509 - SQL Injection

source: https://www.securityfocus.com/bid/4971/info It is reported that MyHelpDesk version 20020509 and earlier are vulnerable to SQL injection attacks. Data supplied by the remote user, via CGI parameters, is used directly as part of SQL statements. As input sanitization is not properly performe...

MyHelpDesk 20020509 - Cross-Site Scripting

MyHelpDesk 20020509 - Cross-Site Scripting source: https://www.securityfocus.com/bid/4970/info It is reported that MyHelpDesk is vulnerable to cross-site scripting attacks. Attackers may exploit this vulnerability by constructing a link to a vulnerable scripts, passing malicious HTML code as a...

MyHelpDesk 20020509 - SQL Injection

MyHelpDesk 20020509 - SQL Injection source: https://www.securityfocus.com/bid/4971/info It is reported that MyHelpDesk version 20020509 and earlier are vulnerable to SQL injection attacks. Data supplied by the remote user, via CGI parameters, is used directly as part of SQL statements. As input...