CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-4413

Direct static code injection vulnerability in admincp/user_help.php in Headstart Solutions DeskPRO 3.0.2 allows remote authenticated users to inject arbitrary PHP code into an unspecified file via a new_entry value in the do parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.6%

CVSS Severity

CVSS v2 Score 3.5

References

http://osvdb.org/46653
http://securityreason.com/securityalert/3029
http://www.securityfocus.com/archive/1/476454/100/0/threaded
http://osvdb.org/46653
http://securityreason.com/securityalert/3029
http://www.securityfocus.com/archive/1/476454/100/0/threaded

Products affected by CVE-2007-4413

Headstart Solutions » Deskpro » Version: 3.0.2

cpe:2.3:a:headstart_solutions:deskpro:3.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-4413

Products

Pricing

Contact Us