Back to search
CVE-2006-6158
Published: Nov 28, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS Help Desk 2.4, formerly (b) InverseFlow Help Desk 2.31 and also sold as (c) Ace Helpdesk 2.31, allow remote attackers to inject arbitrary web script or HTML via the (1) id or email parameter to ticketview.php, or (2) the email parameter to ticket.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
23071
third-party-advisory
x_refsource_SECUNIA
ADV-2006-4672
vdb-entry
x_refsource_VUPEN
30667
vdb-entry
x_refsource_OSVDB
ADV-2006-4671
vdb-entry
x_refsource_VUPEN
21250
vdb-entry
x_refsource_BID
23070
third-party-advisory
x_refsource_SECUNIA
20061122 XSS in scriptat support InverseFlow Help Desk v2.31
mailing-list
x_refsource_BUGTRAQ
ADV-2006-4670
vdb-entry
x_refsource_VUPEN
34034
vdb-entry
x_refsource_OSVDB
pmoshelpdesk-ticketview-xss(30489)
vdb-entry
x_refsource_XF
23052
third-party-advisory
x_refsource_SECUNIA
20061128 PMOS Help Desk/etc. SQL injection - source verify and more info
mailing-list
x_refsource_VIM
1928
third-party-advisory
x_refsource_SREASON
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now