PT-2005-4761 · Help Desk Reloaded · Help Desk Reloaded Free Help Desk

Published

2005-12-05

Updated

2008-09-05

CVE-2005-4025

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Help Desk Reloaded Free Help Desk (affected versions not specified)

Description The issue allows remote attackers to gain privileges by directly accessing the install.php file, then navigating to accountsetup.php to create a new user. This is possible because the install.php file is not removed or protected after installation is complete.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-4025

Affected Products

Help Desk Reloaded Free Help Desk

PT-2005-4761 · Help Desk Reloaded · Help Desk Reloaded Free Help Desk

CVE-2005-4025

Related Identifiers

Affected Products

References · 2