33 matches found
EUVD-2009-0883
Malware in sbrugna...
EUVD-2007-5698
Malware in sbrugna...
EUVD-2006-5459
Malware in sbrugna...
OneOrZero Helpdesk 1.4 Install.PHP Administrative Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7611/info OneOrZero Helpdesk has been reported prone to an issue that may result in an attacker obtaining unauthorized administrative access. The issue presents itself due to a programming error in a Helpdesk script...
OneOrZero 1.6.3 Helpdesk Index.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17298/info OneOrZero Helpdesk is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
OneOrZero Helpdesk 1.4 TUpdate.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7609/info An SQL injection issue has been reported to affect OneOrZero Helpdesk. The error presents itself in a OneOrZero Helpdesk script that fails to sufficiently sanitize user-supplied input before including it in SQL...
CVE-2009-0886
Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the defaultlanguage parameter...
CVE-2009-0886
The CVE corresponds to a local file inclusion (LFI) vulnerability in OneOrZero Helpdesk
OneOrZero Helpdesk 'login.php' Local File Include Vulnerability
OneOrZero Helpdesk is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the context of the webserver process. This may aid in further attacks. OneOrZero...
OneOrZero Helpdesk default_language Local File Inclusion
The remote host is running OneOrZero Helpdesk, a web-based helpdesk application written in PHP. The version of OneOrZero Helpdesk installed on the remote host fails to filter input to the 'defaultlanguage' variable in the 'common/login.php' script before using it to include PHP code. Provided PHP...
OneOrZero Helpdesk 1.6.5.7 - Local File Inclusion
Discovered by dun \ dunatstrcpy.pl OneOrZero Helpdesk = 1.6.5.7 Local File Inclusion Vulnerability Script: "OneOrZero Helpdesk and Task Management System is a powerfu...
OneOrZero Helpdesk 1.6.5.7 Local File Inclusion
Discovered by dun \ dunatstrcpy.pl OneOrZero Helpdesk = 1.6.5.7 Local File Inclusion Vulnerability Script: "OneOrZero Helpdesk and Task Management System is a powerfu...
OneOrZero Helpdesk 1.6.5.7 - Local File Inclusion
OneOrZero Helpdesk 1.6.5.7 - Local File Inclusion Discovered by dun \ dunatstrcpy.pl OneOrZero Helpdesk = 1.6.5.7 Local File Inclusion Vulnerability Script: "OneOrZer...
OneOrZero Helpdesk <= 1.6.5.7 Local File Inclusion Vulnerability
No description provided by source. Discovered by dun \ dunatstrcpy.pl OneOrZero Helpdesk = 1.6.5.7 Local File Inclusion Vulnerability Script: "OneOrZero Helpdesk and...
OneOrZero Helpdesk tinfo.php Arbitrary File Upload
The remote host is running OneOrZero Helpdesk, a web-based helpdesk application written in PHP. The version of OneOrZero HelpDesk installed on the remote host allows uploads of arbitrary files via the 'tinfo.php' script provided the 'sendemail' POST parameter is set. By uploading a file with, say...
OneOrZero Helpdesk tinfo.php Arbitrary File Upload
Binary data 4801.prm...
OneOrZero helpdesk 1.6.*. Remote Shell Upload Exploit
Exploit for unknown platform in category web applications. OneOrZero helpdesk 1.6.*. Remote Shell Upload Exploit. #!/usr/bin/perl =about OneOrZero 1.6. Perl exploit AUTHOR discovered & written ...
CVE-2007-5727
Incomplete blacklist vulnerability in the stripScripts function in common.php in OneOrZero Helpdesk 1.6.5.4, 1.6.4.2, and possibly other versions, allows remote attackers to conduct cross-site scripting (XSS) attacks and inject arbitrary web script or HTML via XSS sequences without SCRIPT tags in t...
CVE-2007-5727
CVE-2007-5727 describes an incomplete blacklist vulnerability in OneOrZero Helpdesk (common.php, stripScripts) that allows remote XSS via the description parameter to tcreate.php or tupdate.php (e.g., using an onmouseover event in a tag). Affected versions include 1.6.5.4 and 1.6.4.2, with poten...