CVE-2005-3838

The CVE-2005-3838 issue affects IsolSoft Support Center 2.2 and earlier. Multiple SQL injection vulnerabilities exist in search.php, exploitable via the parameters (1) lorder, (2) Priority, (3) Status, (4) Category, (5) searchvalue, and (6) field to execute arbitrary SQL commands remotely. The pr...

CVE-2009-4542

The CVE 2009-4542 describes an Cross-site Scripting (XSS) vulnerability in IsolSoft Support Center 2.5, specifically in newticket.php where the lang parameter can be exploited to inject arbitrary script/HTML. This allows an attacker to execute client-side code in a victim’s browser, with the CVSS...

CVE-2009-4541

IsolSoft Support Center 2.5 is affected by multiple PHP remote file inclusion vulnerabilities. The issue allows an attacker to supply a URL in the lang parameter to newticket.php or rempass.php, or in the lang parameter in an adduser action to index.php, causing inclusion and execution of arbitra...