CVE-2004-2562

LBE Web Helpdesk <4.0.0.81 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2562. PoCs published by Noam Rathaus.

AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in LBE Web HelpDesk by injecting a malicious SQL query to create a new admin user. It authenticates, retrieves a session cookie, and then sends a crafted request to exploit the vulnerability.

Description

SQL injection vulnerability in jobedit.asp in Leigh Business Enterprises (LBE) Web Helpdesk before 4.0.0.81 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Noam Rathaus · perlwebappsasp

https://www.exploit-db.com/exploits/24300

View Code ZIP pw:eip

This exploit demonstrates an SQL injection vulnerability in LBE Web HelpDesk by injecting a malicious SQL query to create a new admin user. It authenticates, retrieves a session cookie, and then sends a crafted request to exploit the vulnerability.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: LBE Web HelpDesk versions 4.0.0.80 and prior

Auth required

Prerequisites: Valid credentials for initial authentication · Network access to the target web application

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Exploit, Patch x_refsource_misc

http://www.securiteam.com/windowsntfocus/5QP0M0ADGI.html

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/12123

URL Repurposed x_refsource_confirm

http://www.lbehelpdesk.com/patch/web/history.txt

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/8181

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/10773

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/16779

Scores

EPSS 0.0135

EPSS Percentile 67.9%

Details

Status published

Products (36)

leigh_business_enterprises/web_helpdesk 1.2_1999-07-00

leigh_business_enterprises/web_helpdesk 1.3_2000-07-00

leigh_business_enterprises/web_helpdesk 1.4_2000-08-00

leigh_business_enterprises/web_helpdesk 4.0.0.33_2001-05-00

leigh_business_enterprises/web_helpdesk 4.0.0.35_2001-06-04

leigh_business_enterprises/web_helpdesk 4.0.0.38_2001-06-10

leigh_business_enterprises/web_helpdesk 4.0.0.40_2001-07-21

leigh_business_enterprises/web_helpdesk 4.0.0.41_2001-08-27

leigh_business_enterprises/web_helpdesk 4.0.0.43_2001-09-28

leigh_business_enterprises/web_helpdesk 4.0.0.50

... and 26 more

Published Dec 31, 2004

Tracked Since Feb 18, 2026