CVE-2006-6158
CVE-2006-6158
Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS Help Desk 2.4, formerly (b) InverseFlow Help Desk 2.31 and also sold as (c) Ace Helpdesk 2.31, allow remote attackers to inject arbitrary web script or HTML via the (1) id or email parameter to ticketview.php, or (2) the email parameter to ticket.php.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 2
exploitdbwww.exploit-db.com/exploits/29166não verificadoexploitdbwww.exploit-db.com/exploits/29165não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://secunia.com/advisories/23052http://secunia.com/advisories/23070http://secunia.com/advisories/23071http://securityreason.com/securityalert/1928https://exchange.xforce.ibmcloud.com/vulnerabilities/30489http://www.attrition.org/pipermail/vim/2006-November/001148.htmlhttp://www.osvdb.org/30667http://www.osvdb.org/34034http://www.securityfocus.com/archive/1/452397/100/0/threadedhttp://www.securityfocus.com/bid/21250http://www.vupen.com/english/advisories/2006/4670http://www.vupen.com/english/advisories/2006/4671