phphelpdesk version 0.6.16 (latest)
phphelpdesk Multiple vulnerabilities
PhpHelpDesk is a popular solution for people looking for a way to manage their helpdesk tickets. Presently there exists 2 vulnerabilites that affect the inegrity of systems who run the software. The first of which is a local file inclusuion vulnerability. Problem exists in the GET'd variable whatdodo. Its supposed to point to a series of pages, but the filter fails to catch users going outside the lines with a little trailing null bye. Here is an example:
Reading files seems bad, but not that bad. The second vulnerability in question is the SQL Injection at the login page. Yes, the classic ' or 1=1/* injection still holds true in the login procedures of this app.
I've emailed the project dev on sourceforge and am awaiting a response.