Vulnerabilities > CVE-2005-1672 - Unspecified vulnerability in Ubertec Help Center Live

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ubertec

nessus

exploit available

NVD

Published: 2005-05-19

Updated: 2024-11-20

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Help Center Live allow remote attackers to inject arbitrary web script or HTML via the (1) find parameter to index.php, (2) name or (3) message field of a chat request, or (4) the message body when opening a trouble ticket.

Vulnerable Configurations

Part	Description	Count
Application	Ubertec Ubertec Help Center Live *	1

Exploit-Db

description	HelpCenter Live! < 1.2.7 - Multiple Vulnerabilities. CVE-2005-1672,CVE-2005-1673,CVE-2005-1674. Webapps exploit for PHP platform
id	EDB-ID:43814
last seen	2018-01-24
modified	2004-05-17
published	2004-05-17
reporter	Exploit-DB
source	https://www.exploit-db.com/download/43814/
title	HelpCenter Live! < 1.2.7 - Multiple Vulnerabilities

Nessus

NASL family	CGI abuses
NASL id	HCL_MULT_VULNS.NASL
description	The remote host is running Help Center Live, a help desk written in PHP that suffers from multiple vulnerabilities: - Multiple SQL Injection Vulnerabilities The application fails in many cases to sanitize user- supplied input before using it in database queries. As long as PHP
last seen	2020-06-01
modified	2020-06-02
plugin id	18296
published	2005-05-18
reporter	This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/18296
title	Help Center Live Multiple Vulnerabilities (SQLi, XSS, CSRF)

Summary

Vulnerable Configurations

Exploit-Db

Nessus

References