Luis Bernardo : Security vulnerabilities, CVEs

Copy

CVE-2002-0931

Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and possibly other versions, allows remote attackers to execute script as other users via a (1) Title or (2) Description when a new ticket is created by a support assistant, via the "id" parameter to the index.php script with the (3) tickettime, (4) ticketfiles, or (5) updateticketlog operations, or (6) via the update section when a ticket is edited.

Max CVSS

7.5

EPSS Score

4.58%

Published

2002-10-04

Updated

2008-09-05

CVE-2002-0932

SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations (1) detailticket, (2) editticket, or (3) updateticketlog.

Max CVSS

6.4

EPSS Score

0.26%

Published

2002-10-04

Updated

2008-09-05

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!