Vulnerabilities > Doug Luxem
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-11-28 | CVE-2006-6161 | SQL Injection vulnerability in Liberum Help Desk 'forgotpass.asp' Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) uid parameter to (a) inout/status.asp, (b) inout/update.asp, and (c) forgotpass.asp. | 7.5 |
2006-11-28 | CVE-2006-6160 | SQL Injection vulnerability in Doug Luxem Liberum Help Desk 0.97.3 SQL injection vulnerability in details.asp in Doug Luxem Liberum Help Desk 0.97.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |