CVE-2005-1673

Ubertec Help Center Live - SQL Injection

Title source: rule

Description

Multiple SQL injection vulnerabilities in Help Center Live allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php, (2) tid parameter to view.php, fid parameter to (3) download.php or (4) chat_download.php, (5) status parameter to icon.php, TICKET_tid parameter to (6) index.php or (7) view.php.

Exploits (1)

exploitdb WRITEUP

webappsphp

https://www.exploit-db.com/exploits/43814

View Code ZIP pw:eip

References (2)

[Various Sources] http://www.gulftech.org/?node=research&article_id=00076-05172005

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/archive/1/398457/2005-05-15/2005-05-21/0

Scores

EPSS 0.0029

EPSS Percentile 52.4%

Details

Status published

Products (1)

ubertec/help_center_live

Published May 19, 2005

Tracked Since Feb 18, 2026