Oneorzero Helpdesk@1.6.5.4 Security Vulnerabilities and Issues — Oneorzero Helpdesk@1.6.5.4 CVE List

Lucene search

OneorzeroOneorzero Helpdesk1.6.5.4

2 matches found

CVE•added 2009/03/12 3:20 p.m.•41 views

CVE-2009-0886

Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the default_language parameter.

5CVSS6.8AI score0.02021EPSS

CVE•added 2007/10/30 9:46 p.m.•33 views

CVE-2007-5727

Incomplete blacklist vulnerability in the stripScripts function in common.php in OneOrZero Helpdesk 1.6.5.4, 1.6.4.2, and possibly other versions, allows remote attackers to conduct cross-site scripting (XSS) attacks and inject arbitrary web script or HTML via XSS sequences without SCRIPT tags in t...

4.3CVSS5.4AI score0.0048EPSS