CVE-2005-2461

2006-06-0620:03:00

mitre

www.cve.org

8.5 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.8%

JSON

Multiple SQL injection vulnerabilities in the calendar feature in Kayako liveResponse 2.x allow remote attackers to execute arbitrary SQL commands via the (1) year or (2) date parameter.

References

marc.info/?l=bugtraq&m=112274359718863&w=2

secunia.com/advisories/16286

www.gulftech.org/?node=research&article_id=00092-07302005

www.osvdb.org/18396

www.securityfocus.com/bid/14425