Cerberus: >> Cerberus Helpdesk >> 2.5 Security Vulnerabilities
Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs.
CVSS Score
5.0
EPSS Score
0.003
Published
2009-03-06
attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter.
CVSS Score
5.0
EPSS Score
0.006
Published
2005-11-05