Required CVE Record Information
Description
form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter.
References 6 Total
- osvdb.org: 42662 vdb-entry
- vupen.com: ADV-2007-4321 vdb-entry
- exploit-db.com: 4789 exploit
- secunia.com: 28201 third-party-advisory
- exchange.xforce.ibmcloud.com: pmoshelpdesk-form-code-execution(39274) vdb-entry
- securityfocus.com: 27032 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- osvdb.org: 42662 vdb-entryx_transferred
- vupen.com: ADV-2007-4321 vdb-entryx_transferred
- exploit-db.com: 4789 exploitx_transferred
- secunia.com: 28201 third-party-advisoryx_transferred
- exchange.xforce.ibmcloud.com: pmoshelpdesk-form-code-execution(39274) vdb-entryx_transferred
- securityfocus.com: 27032 vdb-entryx_transferred