2 matches found
CVE-2005-1672
Help Center Live (PHP-based live help desk with a MySQL backend) is affected by multiple cross-site scripting (XSS) vulnerabilities identified as CVE-2005-1672. The XSS can be triggered by untrusted input in several fields: the find parameter to index.php, the name or message field of a chat requ...
CVE-2005-1673
CVE-2005-1673 affects Help Center Live (PHP/MySQL) with multiple SQL injection flaws (e.g., id in index.php, tid in view.php, fid in download.php/chat_download.php, status in icon.php, TICKET_tid in index.php/view.php). Root cause: insufficient input sanitization in several parameters leading to ...