Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbGulfTech SecurityEDB-ID:25037
HistoryDec 18, 2004 - 12:00 a.m.

Kayako eSupport 2.x - 'index.php' Knowledgebase Cross-Site Scripting

2004-12-1800:00:00
GulfTech Security
www.exploit-db.com
24

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/12037/info

Kayako eSupport is prone to multiple input validation vulnerabilities. One cross-site scripting and six SQL injection vulnerabilities.

These issues may collectively threaten compromise of software and database security properties. Possible attacks include theft of cookie-based authentication credentials, exposure or modification of database information, and a potential for attacks against the underlying database implementation. 

http://www.example.com/index.php?_a=knowledgebase&_j=search&searchm=[CODEGOESHERE]

Related

nvd 2
cve 2
cvelist 2
openvas 1
prion 1
nvd
nvd
CVE-2004-1412
2004-12-31 05:00:00
CVE-2007-1145
2007-03-02 21:18:00
cve
cve
CVE-2004-1412
2005-02-12 05:00:00
CVE-2007-1145
2007-03-02 21:18:00
cvelist
cvelist
CVE-2004-1412
2005-02-12 05:00:00
CVE-2007-1145
2007-02-27 18:00:00
openvas
openvas
Kayako eSupport SQLi / XSS Vulnerabilities
2005-11-03 00:00:00
prion
prion
Cross site scripting
2007-03-02 21:18:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:25037
nvd2cve2cvelist2openvas1prion1