Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 09/06/2003 Updated: 18/10/2016

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote malicious users to modify arbitrary ticket number descriptions via the sg parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oneorzero oneorzero helpdesk 1.4_rc4

source: wwwsecurityfocuscom/bid/7609/info An SQL injection issue has been reported to affect OneOrZero Helpdesk The error presents itself in a OneOrZero Helpdesk script that fails to sufficiently sanitize user-supplied input before including it in SQL queries Successful exploitation could result in compromise of the OneOrZero Helpdesk ...

NVD-CWE-Other http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0070.html http://www.securityfocus.com/bid/7609 http://marc.info/?l=bugtraq&m=105302025601231&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/22605/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0303

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect