RSS   Vulnerabilities for 'Liberum help desk'   RSS

2009-02-04
 
CVE-2008-6057

CWE-264
 

 
Doug Luxem Liberum Help Desk 0.97.3 stores db/helpdesk2000.mdb under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request.

 
2005-06-02
 
CVE-2005-1839

 

 
Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.asp or (2) print.asp or (3) edit parameter to register.asp.

 
 
CVE-2005-1838

 

 
Multiple cross-site scripting vulnerabilities in castnewPost.asp in Liberum Help Desk 0.97.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Email, (2) Title, or (3) Description fields.

 


Copyright 2024, cxsecurity.com

 

Back to Top