CVSS: 7.2EPSS: 7%CPEs: 1EXPL: 2CVE-2017-18486
https://notcve.org/view.php?id=CVE-2017-18486
Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset link, a user can leverage a weak PRNG to recover the shared secret used by the server for remote authentication. The shared secret can be used to escalate privileges by forging new tokens for any user. These tokens can be used to automatically log in as the affected user. Jitbit Helpdesk en versiones anteriores a 9.0.3, permite a los atacantes remotos escalar privilegios debido al manejo inapropiado del parámetro userHash del archivo User/AutoLogin. • https://github.com/Kc57/JitBit_Helpdesk_Auth_Bypass https://packetstormsecurity.com/files/144334/JitBit-Helpdesk-9.0.2-Broken-Authentication.html https://www.exploit-db.com/exploits/42776 https://www.trustedsec.com/2017/09/full-disclosure-jitbit-helpdesk-authentication-bypass-0-day • CWE-332: Insufficient Entropy in PRNG •
CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 0CVE-2008-6440
https://notcve.org/view.php?id=CVE-2008-6440
Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs. Cerberus Helpdesk versiones anteriores a v4.0 (Build 600) permite a atacantes remotos obtener información sensible a través de peticiones directas para "controladores ... que no están en páginas estándar de ayuda," posiblemente envolviendo las URIs (1) /display y (2) /kb. • http://secunia.com/advisories/30344 http://www.cerb4.com/blog/2008/05/15/important-security-patch-40-build-599 http://www.securityfocus.com/bid/29335 • CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 0%CPEs: 13EXPL: 1CVE-2006-6366 – Cerberus Helpdesk 2.x - 'Spellwin.php' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-6366
Cross-site scripting (XSS) vulnerability in includes/elements/spellcheck/spellwin.php in Cerberus Helpdesk 0.97.3, 2.0 through 2.7, 3.2.1, and 3.3 allows remote attackers to inject arbitrary web script or HTML via the js parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en includes/elements/spellcheck/spellwin.php de Cerberus Helpdesk 0.97.3, 2.0 hasta 2.7, 3.2.1, y 3.3 permite a atacantes remotos ejecutar secuencias de comandos web o HTML de su elección mediante el parámetro js. NOTA: la procedencia de esta información es desconocida; los detalles se han obtenido de información de terceros. • https://www.exploit-db.com/exploits/29222 http://secunia.com/advisories/23193 http://www.securityfocus.com/bid/21423 http://www.vupen.com/english/advisories/2006/4875 https://exchange.xforce.ibmcloud.com/vulnerabilities/30719 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1CVE-2006-5428 – Cerberus Helpdesk 3.2.1 - 'Rpc.php' Unauthorized Access
https://notcve.org/view.php?id=CVE-2006-5428
rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request. rpc.php en Cerberus Helpdesk 3.2.1 no verifica los privilegios de un cliente para una operación display_get_requesters, lo cual permite a un atacante remoto evitar la validación GUI y obtener información sensible (ticket data) a través de una respuesta directa. • https://www.exploit-db.com/exploits/28826 http://forum.cerberusweb.com/showthread.php?t=7922 http://secunia.com/advisories/22418 http://www.securityfocus.com/bid/20598 http://www.vupen.com/english/advisories/2006/4089 https://exchange.xforce.ibmcloud.com/vulnerabilities/29655 •