Logicnow: Security Vulnerabilities
SQL injection vulnerability in LogicBill 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) __mode and (2) __id parameters to helpdesk.php.
CVSS Score
7.5
EPSS Score
0.003
Published
2005-12-21
SQL injection vulnerability in PerlDesk 1.x allows remote attackers to inject arbitrary SQL commands via the view parameter.
CVSS Score
7.5
EPSS Score
0.013
Published
2005-05-02
Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 (null) character in the lang parameter, which can leak portions of the requested files if a compilation error message occurs.
CVSS Score
5.0
EPSS Score
0.051
Published
2004-09-13
pdesk.cgi in PerlDesk allows remote attackers to gain sensitive information via an invalid lang parameter, which includes pathname information in an error message.
CVSS Score
5.0
EPSS Score
0.005
Published
2004-09-12