CVE-2003-0874 in DeskPROinfo

Summary

Multiple SQL injection vulnerabilities in DeskPRO 1.1.0 and earlier allow remote attackers to insert arbitrary SQL and conduct unauthorized activities via (1) the cat parameter in faq.php, (2) the article parameter in faq.php, (3) the tickedid parameter in view.php, and (4) the Password entry on the logon screen.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsible

Reservation

10/21/2003

Disclosure

11/17/2003

Moderation

VulDB entry created

Entries

VDB-20999

CPE

ready

CWE

CWE-89 (Confirmed)

CVSS

7.3

EPSS

0.00762

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2003-0874
NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0874
CVE Details	https://www.cvedetails.com/cve/CVE-2003-0874/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!