Vulnerabilities > Oneorzero > Oneorzero Helpdesk > 1.4.rc4

DATE CVE VULNERABILITY TITLE RISK
2009-03-12 CVE-2009-0886 Path Traversal vulnerability in Oneorzero Helpdesk
Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remote attackers to read arbitrary files via a ..
network
low complexity
oneorzero CWE-22
5.0
5.0
2003-06-09 CVE-2003-0304 Remote Security vulnerability in Oneorzero Helpdesk 1.4Rc4
one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script.
network
low complexity
oneorzero
critical
 10.0
10
2003-06-09 CVE-2003-0303 SQL Injection vulnerability in Oneorzero Helpdesk 1.4Rc4
SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter.
network
low complexity
oneorzero
5.0
5.0