PT-2005-4761 · Help Desk Reloaded · Help Desk Reloaded Free Help Desk

Publicado

2005-12-05

Atualizado

2008-09-05

CVE-2005-4025

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Help Desk Reloaded Free Help Desk (affected versions not specified)

Description The issue allows remote attackers to gain privileges by directly accessing the install.php file, then navigating to accountsetup.php to create a new user. This is possible because the install.php file is not removed or protected after installation is complete.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-4025

Produtos afetados

Help Desk Reloaded Free Help Desk

PT-2005-4761 · Help Desk Reloaded · Help Desk Reloaded Free Help Desk

CVE-2005-4025

Identificadores relacionados

Produtos afetados

Referências · 2