Vulnerabilities > CVE-2005-1673 - Unspecified vulnerability in Ubertec Help Center Live
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in Help Center Live allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php, (2) tid parameter to view.php, fid parameter to (3) download.php or (4) chat_download.php, (5) status parameter to icon.php, TICKET_tid parameter to (6) index.php or (7) view.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | HelpCenter Live! < 1.2.7 - Multiple Vulnerabilities. CVE-2005-1672,CVE-2005-1673,CVE-2005-1674. Webapps exploit for PHP platform |
| id | EDB-ID:43814 |
| last seen | 2018-01-24 |
| modified | 2004-05-17 |
| published | 2004-05-17 |
| reporter | Exploit-DB |
| source | https://www.exploit-db.com/download/43814/ |
| title | HelpCenter Live! < 1.2.7 - Multiple Vulnerabilities |
Nessus
| NASL family | CGI abuses |
| NASL id | HCL_MULT_VULNS.NASL |
| description | The remote host is running Help Center Live, a help desk written in PHP that suffers from multiple vulnerabilities: - Multiple SQL Injection Vulnerabilities The application fails in many cases to sanitize user- supplied input before using it in database queries. As long as PHP |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 18296 |
| published | 2005-05-18 |
| reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/18296 |
| title | Help Center Live Multiple Vulnerabilities (SQLi, XSS, CSRF) |