Vulnerabilities > CVE-2005-4638 - Unspecified vulnerability in Kayako Supportsuite
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
index.php in Kayako SupportSuite 3.00.26 and earlier allow remote attackers to obtain the full path via (1) _a and (2) newsid parameters in the news module, (3) downloaditemid parameter in the downloads module, and (4) kbarticleid parameter in the knowledgebase module.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://pridels0.blogspot.com/2005/12/kayako-supportsuite-multiple-vuln.html
- http://pridels0.blogspot.com/2005/12/kayako-supportsuite-multiple-vuln.html
- http://www.osvdb.org/22226
- http://www.osvdb.org/22226
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23917
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23917