Help Center Live Security Vulnerabilities and Issues — Help Center Live CVE List

UbertecHelp Center Live

7 matches found

CVE•added 2005/11/29 2:0 a.m.•110 views

CVE-2004-2602

CVE-2004-2602 affects UberTec Help Center Live (HCL) prior to 1.2.7. It describes a PHP remote file inclusion vulnerability that allows an attacker to execute arbitrary PHP code by passing a URL in the HCL_path parameter to pipe.php. The vulnerability arises from unsafely including user-supplied ...

6.8CVSS7.5AI score0.01931EPSS

CVE•added 2005/11/16 9:17 p.m.•67 views

CVE-2005-3639

Summary: CVE-2005-3639 is a local/file inclusion vulnerability in the Help Center Live product, affecting the osTicket module prior to version 2.0.3. The issue arises from insufficient sanitization of the file parameter (path traversal risk) in the module.php flow, allowing remote attackers to re...

7.5CVSS7AI score0.02751EPSS

CVE•added 2005/11/29 2:0 a.m.•59 views

CVE-2004-2603

CVE-2004-2603 is an XSS vulnerability in the Search module of UberTec Help Center Live (HCL). The flaw allows remote attackers to inject arbitrary web script or HTML via the find parameter to index.php. This description is supported by multiple sources in the connected documents referencing the s...

4.3CVSS5.7AI score0.01382EPSS

CVE•added 2006/04/26 6:0 p.m.•53 views

CVE-2006-2039

CVE-2006-2039 : The osTicket component of Help Center Live prior to 2.1.0 contains multiple SQL injection flaws that allow remote attackers to execute arbitrary SQL commands via unknown vectors. Affected software: Help Center Live with embedded osTicket prior to 2.1.0. Impact described in connect...

7.5CVSS8.5AI score0.01214EPSS

CVE•added 2005/11/29 2:0 a.m.•52 views

CVE-2004-2601

UberTec Help Center Live (HCL) is affected by a PHP remote file inclusion vulnerability (CVE-2004-2601). The issue arises from the SKIN_inner parameter in inc/skin.php, which can be manipulated via a URL to read local files and potentially execute PHP code on the server. Impact, per sources, is r...

6.4CVSS7.3AI score0.01453EPSS

Web

CVE•added 2005/05/19 4:0 a.m.•51 views

CVE-2005-1672

Help Center Live (PHP-based live help desk with a MySQL backend) is affected by multiple cross-site scripting (XSS) vulnerabilities identified as CVE-2005-1672. The XSS can be triggered by untrusted input in several fields: the find parameter to index.php, the name or message field of a chat requ...

4.3CVSS6.2AI score0.02715EPSS

CVE•added 2005/05/19 4:0 a.m.•48 views

CVE-2005-1673

CVE-2005-1673 affects Help Center Live (PHP/MySQL) with multiple SQL injection flaws (e.g., id in index.php, tid in view.php, fid in download.php/chat_download.php, status in icon.php, TICKET_tid in index.php/view.php). Root cause: insufficient input sanitization in several parameters leading to ...

7.5CVSS7.4AI score0.01118EPSS