RSS   Vulnerabilities for 'Arcticdesk'   RSS

2015-01-13
 
CVE-2014-100035

CWE-89
 

 
SQL injection vulnerability in the ticket grid in the admin interface in LicensePal ArcticDesk before 1.2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

 
 
CVE-2014-100034

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the frontend interface in LicensePal ArcticDesk before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 
 
CVE-2014-100033

CWE-22
 

 
Directory traversal vulnerability in LicensePal ArcticDesk before 1.2.5 allows remote attackers to read arbitrary files via unspecified vectors.

 


Copyright 2017, cxsecurity.com