CVE-2003-0304

One or Zero Helpdesk <1.4 rc4 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0304. PoCs published by frog.

AI-analyzed exploit summary This exploit targets an authentication bypass vulnerability in OneOrZero Helpdesk by sending a crafted POST request to the install.php script, allowing an attacker to create an administrative account without proper authorization.

Description

one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script.

Exploits (1)

exploitdb WORKING POC VERIFIED
by frog · pythonwebappsphp
https://www.exploit-db.com/exploits/22606

This exploit targets an authentication bypass vulnerability in OneOrZero Helpdesk by sending a crafted POST request to the install.php script, allowing an attacker to create an administrative account without proper authorization.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: OneOrZero Helpdesk
No auth needed
Prerequisites: Network access to the target · The install.php script must be accessible
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Patch, Vendor Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0070.html
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105302025601231&w=2

Scores

EPSS 0.0806
EPSS Percentile 94.0%

Details

Status published
Products (1)
oneorzero/oneorzero_helpdesk 1.4_rc4
Published Jun 09, 2003
Tracked Since Feb 18, 2026