CVE-2002-0932

SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations (1) detailticket, (2) editticket, or (3) updateticketlog.

Published: Oct 4, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-0932
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
luis_bernardo / myhelpdesk	-	2002-05-09.x

http://archives.neohapsis.com/archives/bugtraq/2002-06/0057.html
http://www.iss.net/security_center/static/9321.php
http://www.securityfocus.com/bid/4971

Vulnerability Database

CVE-2002-0932