CVE-2006-6380

Ultimate HelpDesk - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in index.asp in Ultimate HelpDesk allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ajann · textwebappsasp

https://www.exploit-db.com/exploits/2881

View Code ZIP pw:eip

References (5)

[Vendor Advisory] http://secunia.com/advisories/23225

[Exploit] http://www.securityfocus.com/bid/21402

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/30723

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/2881

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/4819

Scores

EPSS 0.0587

EPSS Percentile 90.4%

Classification

Status draft

Affected Products (1)

ultimate_helpdesk/ultimate_helpdesk

Timeline

Published Dec 07, 2006

Tracked Since Feb 18, 2026