CVE-2006-5428
N/A
N/A
Summary
rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://forum.cerberusweb.com/showthread.php?t=7922
- http://secunia.com/advisories/22418
- http://www.vupen.com/english/advisories/2006/4089
- http://www.securityfocus.com/bid/20598
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29655
References
- http://forum.cerberusweb.com/showthread.php?t=7922
- http://secunia.com/advisories/22418
- http://www.vupen.com/english/advisories/2006/4089
- http://www.securityfocus.com/bid/20598
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29655
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.