Vulnerabilities > CVE-2005-3826 - SQL Injection vulnerability in EZY Helpdesk Ezyhelpdesk 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in Ezyhelpdesk 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) edit_id, (2) faq_id, and (3) c_id parameters in a query string, and (4) the search engine, possibly involving the search_string parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Ezyhelpdesk 1.0 Multiple SQL Injection Vulnerabilities. CVE-2005-3826 . Webapps exploit for php platform |
id | EDB-ID:26571 |
last seen | 2016-02-03 |
modified | 2005-11-23 |
published | 2005-11-23 |
reporter | r0t |
source | https://www.exploit-db.com/download/26571/ |
title | Ezyhelpdesk 1.0 - Multiple SQL Injection Vulnerabilities |