CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-3005

Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.075

EPSS Ranking 91.4%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=112724743530521&w=2
http://secunia.com/advisories/16859
http://www.phpjunkyard.com/extras/hesk_0931_patch.zip
http://www.securityfocus.com/bid/14879
http://www.vupen.com/english/advisories/2005/1792
http://marc.info/?l=bugtraq&m=112724743530521&w=2
http://secunia.com/advisories/16859
http://www.phpjunkyard.com/extras/hesk_0931_patch.zip
http://www.securityfocus.com/bid/14879
http://www.vupen.com/english/advisories/2005/1792

Products affected by CVE-2005-3005

Helpdesk Software » Hesk » Version: 0.92

cpe:2.3:a:helpdesk_software:hesk:0.92
Helpdesk Software » Hesk » Version: 0.93

cpe:2.3:a:helpdesk_software:hesk:0.93

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-3005

Products

Pricing

Contact Us