Описание
Multiple SQL injection vulnerabilities in DeskPRO 1.1.0 and earlier allow remote attackers to insert arbitrary SQL and conduct unauthorized activities via (1) the cat parameter in faq.php, (2) the article parameter in faq.php, (3) the tickedid parameter in view.php, and (4) the Password entry on the logon screen.
Multiple SQL injection vulnerabilities in DeskPRO 1.1.0 and earlier allow remote attackers to insert arbitrary SQL and conduct unauthorized activities via (1) the cat parameter in faq.php, (2) the article parameter in faq.php, (3) the tickedid parameter in view.php, and (4) the Password entry on the logon screen.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2003-0874
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13391
- http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0017.html
- http://marc.info/?l=bugtraq&m=106667525623311&w=2
- http://www.securiteam.com/unixfocus/6R0052K8KM.html
- http://www.securityfocus.com/bid/8856
EPSS
CVE ID
Связанные уязвимости
Multiple SQL injection vulnerabilities in DeskPRO 1.1.0 and earlier allow remote attackers to insert arbitrary SQL and conduct unauthorized activities via (1) the cat parameter in faq.php, (2) the article parameter in faq.php, (3) the tickedid parameter in view.php, and (4) the Password entry on the logon screen.
EPSS