17 matches found
EUVD-2006-6141
Malware in sbrugna...
PMOS Help Desk <= 2.4 - Remote Command Execution Exploit
No description provided by source. ?php / ------------------------------------------------------ PMOS Help Desk = 2.4 Remote Command Execution Exploit ------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://www.h2desk.com/pmos...
CVE-2007-6550
form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter...
Sql injection
form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter...
PMOS Help Desk form.php脚本代码注入漏洞
BUGTRAQ ID: 27032 PMOS Help Desk之前名为InverseFlow Help Desk,是一款开源的帮助台系统。 PMOS Help Desk的form.php脚本没有限制对登录用户的访问,没有跟随重新定向的HTTP客户端可以利用这个漏洞绕过限制执行任意PHP代码。 h2desk PMOS Help Desk = 2.4 厂商补丁: h2desk ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.h2desk.com/pmos/ ?php /...
CVE-2007-6550
form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter...
pmos-exec.txt
?php / ------------------------------------------------------ PMOS Help Desk = 2.4 Remote Command Execution Exploit ------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://www.h2desk.com/pmos dork.....: "Powered by PMOS Help Desk" ...
CVE-2007-6550
PMOS Help Desk 2.4 and earlier is affected by CVE-2007-6550. form.php redirects without exiting, enabling remote attackers to perform eval injection and execute arbitrary PHP code via the options array parameter. Affected component: PMOS Help Desk’s PHP form handling. Root cause: missing exit aft...
PMOS Help Desk <= 2.4 Remote Command Execution Exploit
No description provided by source. ?php / ------------------------------------------------------ PMOS Help Desk = 2.4 Remote Command Execution Exploit ------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://www.h2desk.com/pmos...
PMOS Help Desk form.php Arbitrary Code Execution
The remote host is running PMOS Help Desk, an open source help desk application written in PHP. The version of PMOS Help Desk installed on the remote host contains a design flaw that can be leveraged by a remote attacker to bypass authentication and make changes to the application's form template...
PMOS Help Desk <= 2.4 Remote Command Execution Exploit
Exploit for unknown platform in category web applications ====================================================== PMOS Help Desk = 2.4 Remote Command Execution Exploit ====================================================== ?php / ------------------------------------------------------ PMOS Help Des...
PMOS Help Desk 2.4 - Remote Command Execution
PMOS Help Desk 2.4 - Remote Command Execution ?php / ------------------------------------------------------ PMOS Help Desk = 2.4 Remote Command Execution Exploit ------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...
PMOS Help Desk 2.4 - Remote Command Execution
?php / ------------------------------------------------------ PMOS Help Desk = 2.4 Remote Command Execution Exploit ------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://www.h2desk.com/pmos dork.....: "Powered by PMOS Help Desk" ...
CVE-2006-6158
Multiple cross-site scripting XSS vulnerabilities in a PMOS Help Desk 2.4, formerly b InverseFlow Help Desk 2.31 and also sold as c Ace Helpdesk 2.31, allow remote attackers to inject arbitrary web script or HTML via the 1 id or email parameter to ticketview.php, or 2 the email parameter to...
CVE-2006-6158
Multiple cross-site scripting XSS vulnerabilities in a PMOS Help Desk 2.4, formerly b InverseFlow Help Desk 2.31 and also sold as c Ace Helpdesk 2.31, allow remote attackers to inject arbitrary web script or HTML via the 1 id or email parameter to ticketview.php, or 2 the email parameter to...
CVE-2006-6158
CVE-2006-6158 affects PMOS Help Desk 2.4 (aka InverseFlow Help Desk 2.31, sold as Ace Helpdesk 2.31). The vulnerability is multiple cross-site scripting (XSS) that allows remote attackers to inject arbitrary web script or HTML via: (1) the id or email parameter to ticketview.php, or (2) the email...
PMOS Help Desk 2.3 - ticket.php?email Cross-Site Scripting
PMOS Help Desk 2.3 - ticket.php?email Cross-Site Scripting source: https://www.securityfocus.com/bid/21250/info InverseFlow Help Desk is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...