Vulnerability-Lookup

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

Full-Text Search

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2026-6265 (GCVE-0-2026-6265)

Vulnerability from cvelistv5 – Published: 2026-04-27 13:00 – Updated: 2026-04-27 13:58

Title

Local Privilege Escalation in Cerberus FTP Server =< 2025.4.2

Summary

Insecure preserved inherited permissions vulnerability in Cerberus FTP Server on Windows allows Privilege Escalation.This issue has been resolved in Cerberus FTP Server: 2026.1

Severity ?

7.3 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CWE

CWE-278 - Insecure preserved inherited permissions

Assigner

NCSC-FI

References

URL

Tags

	https://www.cerberusftp.com/releasenotes/	release-notes
	https://labs.reversec.com/advisories/2026/04/cerb…	third-party-advisory

Impacted products

	Vendor	Product	Version
	Cerberus	Cerberus FTP Server	Affected: 0 , ≤ 2025.4.2 (custom) Unaffected: 2026.1

Date Public ?

2026-04-27 11:00

Credits

Sharan Patil with Reversec

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-6265",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-27T13:58:10.924454Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-27T13:58:14.228Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://labs.reversec.com/advisories/2026/04/cerberus-ftp-server-elevation-of-privileges"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "Cerberus FTP Server",
          "vendor": "Cerberus",
          "versions": [
            {
              "lessThanOrEqual": "2025.4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "2026.1"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Sharan Patil with Reversec"
        }
      ],
      "datePublic": "2026-04-27T11:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Insecure preserved inherited permissions vulnerability in Cerberus FTP Server on Windows allows Privilege Escalation.\u003cp\u003eThis issue has been resolved in Cerberus FTP Server: 2026.1\u003c/p\u003e"
            }
          ],
          "value": "Insecure preserved inherited permissions vulnerability in Cerberus FTP Server on Windows allows Privilege Escalation.This issue has been resolved in Cerberus FTP Server: 2026.1"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-278",
              "description": "CWE-278 Insecure preserved inherited permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-27T13:00:10.309Z",
        "orgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
        "shortName": "NCSC-FI"
      },
      "references": [
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://www.cerberusftp.com/releasenotes/"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://labs.reversec.com/advisories/2026/04/cerberus-ftp-server-elevation-of-privileges"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Local Privilege Escalation in Cerberus FTP Server =\u003c 2025.4.2",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
    "assignerShortName": "NCSC-FI",
    "cveId": "CVE-2026-6265",
    "datePublished": "2026-04-27T13:00:10.309Z",
    "dateReserved": "2026-04-14T05:18:04.414Z",
    "dateUpdated": "2026-04-27T13:58:14.228Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2017-6880 (GCVE-0-2017-6880)

Vulnerability from cvelistv5 – Published: 2017-03-17 17:00 – Updated: 2024-08-05 15:41

Summary

Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

https://www.exploit-db.com/exploits/41620/

exploitx_refsource_EXPLOIT-DB

Date Public ?

2017-03-17 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:41:17.747Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "41620",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/41620/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-03-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-17T16:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "41620",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/41620/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-6880",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "41620",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/41620/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-6880",
    "datePublished": "2017-03-17T17:00:00.000Z",
    "dateReserved": "2017-03-14T00:00:00.000Z",
    "dateUpdated": "2024-08-05T15:41:17.747Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-6440 (GCVE-0-2008-6440)

Vulnerability from cvelistv5 – Published: 2009-03-06 18:00 – Updated: 2024-09-16 21:07

Summary

Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for "controllers ... that aren't standard helpdesk pages," possibly involving the (1) /display and (2) /kb URIs.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/29335	vdb-entryx_refsource_BID
	http://secunia.com/advisories/30344	third-party-advisoryx_refsource_SECUNIA
	http://www.cerb4.com/blog/2008/05/15/important-se…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T11:27:35.949Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "29335",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29335"
          },
          {
            "name": "30344",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30344"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cerb4.com/blog/2008/05/15/important-security-patch-40-build-599/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for \"controllers ... that aren\u0027t standard helpdesk pages,\" possibly involving the (1) /display and (2) /kb URIs."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-03-06T18:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "29335",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29335"
        },
        {
          "name": "30344",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30344"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cerb4.com/blog/2008/05/15/important-security-patch-40-build-599/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-6440",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cerberus Helpdesk before 4.0 (Build 600) allows remote attackers to obtain sensitive information via direct requests for \"controllers ... that aren\u0027t standard helpdesk pages,\" possibly involving the (1) /display and (2) /kb URIs."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "29335",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29335"
            },
            {
              "name": "30344",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30344"
            },
            {
              "name": "http://www.cerb4.com/blog/2008/05/15/important-security-patch-40-build-599/",
              "refsource": "CONFIRM",
              "url": "http://www.cerb4.com/blog/2008/05/15/important-security-patch-40-build-599/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-6440",
    "datePublished": "2009-03-06T18:00:00.000Z",
    "dateReserved": "2009-03-06T00:00:00.000Z",
    "dateUpdated": "2024-09-16T21:07:47.057Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-5930 (GCVE-0-2007-5930)

Vulnerability from cvelistv5 – Published: 2007-11-10 11:00 – Updated: 2024-08-07 15:47

Summary

Cross-site scripting (XSS) vulnerability in the web interface in Cerberus FTP Server before 2.46 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/26381	vdb-entryx_refsource_BID
	http://osvdb.org/38789	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/27569	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/3805	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.cerberusftp.com/cerberus-releasenotes.…	x_refsource_CONFIRM

Date Public ?

2007-11-07 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:47:00.552Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "26381",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26381"
          },
          {
            "name": "38789",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/38789"
          },
          {
            "name": "27569",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27569"
          },
          {
            "name": "ADV-2007-3805",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3805"
          },
          {
            "name": "cerberus-web-interface-xss(38320)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38320"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cerberusftp.com/cerberus-releasenotes.htm#ReleaseNotes"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the web interface in Cerberus FTP Server before 2.46 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "26381",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26381"
        },
        {
          "name": "38789",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/38789"
        },
        {
          "name": "27569",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27569"
        },
        {
          "name": "ADV-2007-3805",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3805"
        },
        {
          "name": "cerberus-web-interface-xss(38320)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38320"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cerberusftp.com/cerberus-releasenotes.htm#ReleaseNotes"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5930",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the web interface in Cerberus FTP Server before 2.46 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "26381",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26381"
            },
            {
              "name": "38789",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/38789"
            },
            {
              "name": "27569",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27569"
            },
            {
              "name": "ADV-2007-3805",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3805"
            },
            {
              "name": "cerberus-web-interface-xss(38320)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38320"
            },
            {
              "name": "http://www.cerberusftp.com/cerberus-releasenotes.htm#ReleaseNotes",
              "refsource": "CONFIRM",
              "url": "http://www.cerberusftp.com/cerberus-releasenotes.htm#ReleaseNotes"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5930",
    "datePublished": "2007-11-10T11:00:00.000Z",
    "dateReserved": "2007-11-09T00:00:00.000Z",
    "dateUpdated": "2024-08-07T15:47:00.552Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2003-1476 (GCVE-0-2003-1476)

Vulnerability from cvelistv5 – Published: 2007-10-24 23:00 – Updated: 2024-09-16 19:31

Summary

Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/7556	vdb-entryx_refsource_BID
	http://www.cerberusftp.com/cerberus-releasenotes.…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:28:03.581Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "7556",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/7556"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cerberusftp.com/cerberus-releasenotes.htm#KnownIssues"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-10-24T23:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "7556",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/7556"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cerberusftp.com/cerberus-releasenotes.htm#KnownIssues"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-1476",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "7556",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/7556"
            },
            {
              "name": "http://www.cerberusftp.com/cerberus-releasenotes.htm#KnownIssues",
              "refsource": "CONFIRM",
              "url": "http://www.cerberusftp.com/cerberus-releasenotes.htm#KnownIssues"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-1476",
    "datePublished": "2007-10-24T23:00:00.000Z",
    "dateReserved": "2007-10-24T00:00:00.000Z",
    "dateUpdated": "2024-09-16T19:31:54.224Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-6366 (GCVE-0-2006-6366)

Vulnerability from cvelistv5 – Published: 2006-12-07 11:00 – Updated: 2024-08-07 20:26

Summary

Cross-site scripting (XSS) vulnerability in includes/elements/spellcheck/spellwin.php in Cerberus Helpdesk 0.97.3, 2.0 through 2.7, 3.2.1, and 3.3 allows remote attackers to inject arbitrary web script or HTML via the js parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2006/4875	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/21423	vdb-entryx_refsource_BID
	http://secunia.com/advisories/23193	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2006-12-04 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:26:45.977Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2006-4875",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4875"
          },
          {
            "name": "cerberus-spellwin-xss(30719)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30719"
          },
          {
            "name": "21423",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21423"
          },
          {
            "name": "23193",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23193"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-12-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in includes/elements/spellcheck/spellwin.php in Cerberus Helpdesk 0.97.3, 2.0 through 2.7, 3.2.1, and 3.3 allows remote attackers to inject arbitrary web script or HTML via the js parameter.  NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2006-4875",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4875"
        },
        {
          "name": "cerberus-spellwin-xss(30719)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30719"
        },
        {
          "name": "21423",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21423"
        },
        {
          "name": "23193",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23193"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6366",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in includes/elements/spellcheck/spellwin.php in Cerberus Helpdesk 0.97.3, 2.0 through 2.7, 3.2.1, and 3.3 allows remote attackers to inject arbitrary web script or HTML via the js parameter.  NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2006-4875",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4875"
            },
            {
              "name": "cerberus-spellwin-xss(30719)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30719"
            },
            {
              "name": "21423",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21423"
            },
            {
              "name": "23193",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23193"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-6366",
    "datePublished": "2006-12-07T11:00:00.000Z",
    "dateReserved": "2006-12-06T00:00:00.000Z",
    "dateUpdated": "2024-08-07T20:26:45.977Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-5428 (GCVE-0-2006-5428)

Vulnerability from cvelistv5 – Published: 2006-10-20 17:00 – Updated: 2024-08-07 19:48

Summary

rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://forum.cerberusweb.com/showthread.php?t=7922	x_refsource_CONFIRM
	http://secunia.com/advisories/22418	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/4089	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/20598	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Date Public ?

2006-10-15 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:48:30.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://forum.cerberusweb.com/showthread.php?t=7922"
          },
          {
            "name": "22418",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22418"
          },
          {
            "name": "ADV-2006-4089",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4089"
          },
          {
            "name": "20598",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20598"
          },
          {
            "name": "cerberushelpdesk-rpc-information-disclosure(29655)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29655"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-10-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client\u0027s privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://forum.cerberusweb.com/showthread.php?t=7922"
        },
        {
          "name": "22418",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22418"
        },
        {
          "name": "ADV-2006-4089",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4089"
        },
        {
          "name": "20598",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20598"
        },
        {
          "name": "cerberushelpdesk-rpc-information-disclosure(29655)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29655"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5428",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client\u0027s privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://forum.cerberusweb.com/showthread.php?t=7922",
              "refsource": "CONFIRM",
              "url": "http://forum.cerberusweb.com/showthread.php?t=7922"
            },
            {
              "name": "22418",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22418"
            },
            {
              "name": "ADV-2006-4089",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4089"
            },
            {
              "name": "20598",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20598"
            },
            {
              "name": "cerberushelpdesk-rpc-information-disclosure(29655)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29655"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-5428",
    "datePublished": "2006-10-20T17:00:00.000Z",
    "dateReserved": "2006-10-20T00:00:00.000Z",
    "dateUpdated": "2024-08-07T19:48:30.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-4539 (GCVE-0-2006-4539)

Vulnerability from cvelistv5 – Published: 2006-09-05 23:00 – Updated: 2024-08-07 19:14

Summary

(1) includes/widgets/module_company_tickets.php and (2) includes/widgets/module_track_tickets.php Client Support Center in Cerberus Helpdesk 3.2 Build 317, and possibly earlier, allows remote attackers to bypass security restrictions and obtain sensitive information via the ticket parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://forum.cerberusweb.com/showthread.php?t=7671	x_refsource_CONFIRM
	http://secunia.com/advisories/21706	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1016976	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/19797	vdb-entryx_refsource_BID
	http://cerberusweb.com/cvsweb.pl/support-center/c…	x_refsource_MISC
	http://cerberusweb.com/cvsweb.pl/support-center/c…	x_refsource_MISC
	http://www.vupen.com/english/advisories/2006/3421	vdb-entryx_refsource_VUPEN
	http://www.osvdb.org/28317	vdb-entryx_refsource_OSVDB

Date Public ?

2006-09-01 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:14:47.649Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://forum.cerberusweb.com/showthread.php?t=7671"
          },
          {
            "name": "21706",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21706"
          },
          {
            "name": "1016976",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016976"
          },
          {
            "name": "19797",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19797"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cerberusweb.com/cvsweb.pl/support-center/cerberus-support-center/includes/widgets/module_company_tickets.php.diff?r1=1.6%3Br2=1.7%3Bf=h"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cerberusweb.com/cvsweb.pl/support-center/cerberus-support-center/includes/widgets/module_track_tickets.php.diff?r1=1.17%3Br2=1.18%3Bf=h"
          },
          {
            "name": "ADV-2006-3421",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3421"
          },
          {
            "name": "28317",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/28317"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-09-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "(1) includes/widgets/module_company_tickets.php and (2) includes/widgets/module_track_tickets.php Client Support Center in Cerberus Helpdesk 3.2 Build 317, and possibly earlier, allows remote attackers to bypass security restrictions and obtain sensitive information via the ticket parameter.  NOTE: the provenance of this information is unknown; the details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-10-10T09:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://forum.cerberusweb.com/showthread.php?t=7671"
        },
        {
          "name": "21706",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21706"
        },
        {
          "name": "1016976",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016976"
        },
        {
          "name": "19797",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19797"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cerberusweb.com/cvsweb.pl/support-center/cerberus-support-center/includes/widgets/module_company_tickets.php.diff?r1=1.6%3Br2=1.7%3Bf=h"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cerberusweb.com/cvsweb.pl/support-center/cerberus-support-center/includes/widgets/module_track_tickets.php.diff?r1=1.17%3Br2=1.18%3Bf=h"
        },
        {
          "name": "ADV-2006-3421",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3421"
        },
        {
          "name": "28317",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/28317"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4539",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "(1) includes/widgets/module_company_tickets.php and (2) includes/widgets/module_track_tickets.php Client Support Center in Cerberus Helpdesk 3.2 Build 317, and possibly earlier, allows remote attackers to bypass security restrictions and obtain sensitive information via the ticket parameter.  NOTE: the provenance of this information is unknown; the details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://forum.cerberusweb.com/showthread.php?t=7671",
              "refsource": "CONFIRM",
              "url": "http://forum.cerberusweb.com/showthread.php?t=7671"
            },
            {
              "name": "21706",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21706"
            },
            {
              "name": "1016976",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016976"
            },
            {
              "name": "19797",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19797"
            },
            {
              "name": "http://cerberusweb.com/cvsweb.pl/support-center/cerberus-support-center/includes/widgets/module_company_tickets.php.diff?r1=1.6;r2=1.7;f=h",
              "refsource": "MISC",
              "url": "http://cerberusweb.com/cvsweb.pl/support-center/cerberus-support-center/includes/widgets/module_company_tickets.php.diff?r1=1.6;r2=1.7;f=h"
            },
            {
              "name": "http://cerberusweb.com/cvsweb.pl/support-center/cerberus-support-center/includes/widgets/module_track_tickets.php.diff?r1=1.17;r2=1.18;f=h",
              "refsource": "MISC",
              "url": "http://cerberusweb.com/cvsweb.pl/support-center/cerberus-support-center/includes/widgets/module_track_tickets.php.diff?r1=1.17;r2=1.18;f=h"
            },
            {
              "name": "ADV-2006-3421",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3421"
            },
            {
              "name": "28317",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/28317"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-4539",
    "datePublished": "2006-09-05T23:00:00.000Z",
    "dateReserved": "2006-09-05T00:00:00.000Z",
    "dateUpdated": "2024-08-07T19:14:47.649Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-0509 (GCVE-0-2006-0509)

Vulnerability from cvelistv5 – Published: 2006-02-01 23:00 – Updated: 2024-08-07 16:41

Summary

Multiple cross-site scripting (XSS) vulnerabilities in clients.php in Cerberus Helpdesk, possibly 2.7, allow remote attackers to inject arbitrary web script or HTML via (1) the contact_search parameter and (2) unspecified url fields.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/archive/1/423547/30/…	mailing-listx_refsource_BUGTRAQ
	http://securityreason.com/securityalert/391	third-party-advisoryx_refsource_SREASON
	http://www.osvdb.org/22843	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/bid/16439	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2006/0395	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/18657	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Date Public ?

2006-01-30 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:41:27.533Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20060130 Cerberus Helpdesk vulnerable to XSS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/423547/30/0/threaded"
          },
          {
            "name": "391",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/391"
          },
          {
            "name": "22843",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22843"
          },
          {
            "name": "16439",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16439"
          },
          {
            "name": "ADV-2006-0395",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0395"
          },
          {
            "name": "18657",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18657"
          },
          {
            "name": "cerberus-clients-xss(24388)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24388"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in clients.php in Cerberus Helpdesk, possibly 2.7, allow remote attackers to inject arbitrary web script or HTML via (1) the contact_search parameter and (2) unspecified url fields."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20060130 Cerberus Helpdesk vulnerable to XSS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/423547/30/0/threaded"
        },
        {
          "name": "391",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/391"
        },
        {
          "name": "22843",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22843"
        },
        {
          "name": "16439",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16439"
        },
        {
          "name": "ADV-2006-0395",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0395"
        },
        {
          "name": "18657",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18657"
        },
        {
          "name": "cerberus-clients-xss(24388)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24388"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0509",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in clients.php in Cerberus Helpdesk, possibly 2.7, allow remote attackers to inject arbitrary web script or HTML via (1) the contact_search parameter and (2) unspecified url fields."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20060130 Cerberus Helpdesk vulnerable to XSS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/423547/30/0/threaded"
            },
            {
              "name": "391",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/391"
            },
            {
              "name": "22843",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22843"
            },
            {
              "name": "16439",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16439"
            },
            {
              "name": "ADV-2006-0395",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0395"
            },
            {
              "name": "18657",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18657"
            },
            {
              "name": "cerberus-clients-xss(24388)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24388"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0509",
    "datePublished": "2006-02-01T23:00:00.000Z",
    "dateReserved": "2006-02-01T00:00:00.000Z",
    "dateUpdated": "2024-08-07T16:41:27.533Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-4428 (GCVE-0-2005-4428)

Vulnerability from cvelistv5 – Published: 2005-12-20 23:00 – Updated: 2024-08-07 23:46

Summary

Cross-site scripting (XSS) vulnerability in index.php in Cerberus Helpdesk allows remote attackers to inject arbitrary web script or HTML via the kb_ask parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://marc.info/?l=full-disclosure&m=11350087863…	mailing-listx_refsource_FULLDISC
	http://www.securityfocus.com/bid/16062	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/18112	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/420271/100…	mailing-listx_refsource_BUGTRAQ
	http://www.osvdb.org/21989	vdb-entryx_refsource_OSVDB

Date Public ?

2005-12-19 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:46:05.153Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20051219 Cerberus Helpdesk vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=full-disclosure\u0026m=113500878630130\u0026w=2"
          },
          {
            "name": "16062",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16062"
          },
          {
            "name": "cerberus-index-xss(23834)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23834"
          },
          {
            "name": "18112",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18112"
          },
          {
            "name": "20051225 Cerberus Helpdesk multiple vulnerabilities.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/420271/100/0/threaded"
          },
          {
            "name": "21989",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21989"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in index.php in Cerberus Helpdesk allows remote attackers to inject arbitrary web script or HTML via the kb_ask parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20051219 Cerberus Helpdesk vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://marc.info/?l=full-disclosure\u0026m=113500878630130\u0026w=2"
        },
        {
          "name": "16062",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16062"
        },
        {
          "name": "cerberus-index-xss(23834)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23834"
        },
        {
          "name": "18112",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18112"
        },
        {
          "name": "20051225 Cerberus Helpdesk multiple vulnerabilities.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/420271/100/0/threaded"
        },
        {
          "name": "21989",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21989"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4428",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in index.php in Cerberus Helpdesk allows remote attackers to inject arbitrary web script or HTML via the kb_ask parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20051219 Cerberus Helpdesk vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://marc.info/?l=full-disclosure\u0026m=113500878630130\u0026w=2"
            },
            {
              "name": "16062",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16062"
            },
            {
              "name": "cerberus-index-xss(23834)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23834"
            },
            {
              "name": "18112",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18112"
            },
            {
              "name": "20051225 Cerberus Helpdesk multiple vulnerabilities.",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/420271/100/0/threaded"
            },
            {
              "name": "21989",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21989"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4428",
    "datePublished": "2005-12-20T23:00:00.000Z",
    "dateReserved": "2005-12-20T00:00:00.000Z",
    "dateUpdated": "2024-08-07T23:46:05.153Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-4427 (GCVE-0-2005-4427)

Vulnerability from cvelistv5 – Published: 2005-12-20 23:00 – Updated: 2024-08-07 23:46

Summary

Multiple SQL injection vulnerabilities in Cerberus Helpdesk allow remote attackers to execute arbitrary SQL commands via the (1) file_id parameter to attachment_send.php, (2) the $addy variable in email_parser.php, (3) $address variable in email_parser.php, (4) $a_address variable in structs.php, (5) kbid parameter to cer_KnowledgebaseHandler.class.php, (6) queues[] parameter to addresses_export.php, (7) $thread variable to display.php, (8) ticket parameter to display_ticket_thread.php.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.osvdb.org/21991	vdb-entryx_refsource_OSVDB
	http://www.osvdb.org/21993	vdb-entryx_refsource_OSVDB
	http://marc.info/?l=full-disclosure&m=11350087863…	mailing-listx_refsource_FULLDISC
	http://www.osvdb.org/21992	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/bid/16062	vdb-entryx_refsource_BID
	http://www.osvdb.org/21995	vdb-entryx_refsource_OSVDB
	http://www.osvdb.org/21990	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/18112	third-party-advisoryx_refsource_SECUNIA
	http://www.osvdb.org/21988	vdb-entryx_refsource_OSVDB
	http://www.osvdb.org/21994	vdb-entryx_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/420271/100…	mailing-listx_refsource_BUGTRAQ
	http://forum.cerberusweb.com/showthread.php?s=&po…	x_refsource_CONFIRM

Date Public ?

2005-12-19 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:46:04.514Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "21991",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21991"
          },
          {
            "name": "21993",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21993"
          },
          {
            "name": "20051219 Cerberus Helpdesk vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=full-disclosure\u0026m=113500878630130\u0026w=2"
          },
          {
            "name": "21992",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21992"
          },
          {
            "name": "16062",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16062"
          },
          {
            "name": "21995",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21995"
          },
          {
            "name": "21990",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21990"
          },
          {
            "name": "18112",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18112"
          },
          {
            "name": "21988",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21988"
          },
          {
            "name": "21994",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21994"
          },
          {
            "name": "cerberus-multiple-sql-injection(23836)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23836"
          },
          {
            "name": "20051225 Cerberus Helpdesk multiple vulnerabilities.",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/420271/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://forum.cerberusweb.com/showthread.php?s=\u0026postid=30315"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple SQL injection vulnerabilities in Cerberus Helpdesk allow remote attackers to execute arbitrary SQL commands via the (1) file_id parameter to attachment_send.php, (2) the $addy variable in email_parser.php, (3) $address variable in email_parser.php, (4) $a_address variable in structs.php, (5) kbid parameter to cer_KnowledgebaseHandler.class.php, (6) queues[] parameter to addresses_export.php, (7) $thread variable to display.php, (8) ticket parameter to display_ticket_thread.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "21991",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21991"
        },
        {
          "name": "21993",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21993"
        },
        {
          "name": "20051219 Cerberus Helpdesk vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://marc.info/?l=full-disclosure\u0026m=113500878630130\u0026w=2"
        },
        {
          "name": "21992",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21992"
        },
        {
          "name": "16062",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16062"
        },
        {
          "name": "21995",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21995"
        },
        {
          "name": "21990",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21990"
        },
        {
          "name": "18112",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18112"
        },
        {
          "name": "21988",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21988"
        },
        {
          "name": "21994",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21994"
        },
        {
          "name": "cerberus-multiple-sql-injection(23836)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23836"
        },
        {
          "name": "20051225 Cerberus Helpdesk multiple vulnerabilities.",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/420271/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://forum.cerberusweb.com/showthread.php?s=\u0026postid=30315"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4427",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple SQL injection vulnerabilities in Cerberus Helpdesk allow remote attackers to execute arbitrary SQL commands via the (1) file_id parameter to attachment_send.php, (2) the $addy variable in email_parser.php, (3) $address variable in email_parser.php, (4) $a_address variable in structs.php, (5) kbid parameter to cer_KnowledgebaseHandler.class.php, (6) queues[] parameter to addresses_export.php, (7) $thread variable to display.php, (8) ticket parameter to display_ticket_thread.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "21991",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21991"
            },
            {
              "name": "21993",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21993"
            },
            {
              "name": "20051219 Cerberus Helpdesk vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://marc.info/?l=full-disclosure\u0026m=113500878630130\u0026w=2"
            },
            {
              "name": "21992",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21992"
            },
            {
              "name": "16062",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16062"
            },
            {
              "name": "21995",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21995"
            },
            {
              "name": "21990",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21990"
            },
            {
              "name": "18112",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18112"
            },
            {
              "name": "21988",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21988"
            },
            {
              "name": "21994",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21994"
            },
            {
              "name": "cerberus-multiple-sql-injection(23836)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23836"
            },
            {
              "name": "20051225 Cerberus Helpdesk multiple vulnerabilities.",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/420271/100/0/threaded"
            },
            {
              "name": "http://forum.cerberusweb.com/showthread.php?s=\u0026postid=30315",
              "refsource": "CONFIRM",
              "url": "http://forum.cerberusweb.com/showthread.php?s=\u0026postid=30315"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4427",
    "datePublished": "2005-12-20T23:00:00.000Z",
    "dateReserved": "2005-12-20T00:00:00.000Z",
    "dateUpdated": "2024-08-07T23:46:04.514Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3502 (GCVE-0-2005-3502)

Vulnerability from cvelistv5 – Published: 2005-11-05 11:00 – Updated: 2024-08-07 23:17

Summary

attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/17431	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1015153	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/15315	vdb-entryx_refsource_BID
	http://www.osvdb.org/20461	vdb-entryx_refsource_OSVDB
	http://marc.info/?l=full-disclosure&m=11310943341…	mailing-listx_refsource_FULLDISC

Date Public ?

2005-11-04 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:22.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "17431",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17431"
          },
          {
            "name": "1015153",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015153"
          },
          {
            "name": "15315",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15315"
          },
          {
            "name": "20461",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/20461"
          },
          {
            "name": "20051104 Cerberus helpdesk",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=full-disclosure\u0026m=113109433413298\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-11-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "17431",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17431"
        },
        {
          "name": "1015153",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015153"
        },
        {
          "name": "15315",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15315"
        },
        {
          "name": "20461",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/20461"
        },
        {
          "name": "20051104 Cerberus helpdesk",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://marc.info/?l=full-disclosure\u0026m=113109433413298\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3502",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "17431",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17431"
            },
            {
              "name": "1015153",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015153"
            },
            {
              "name": "15315",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15315"
            },
            {
              "name": "20461",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/20461"
            },
            {
              "name": "20051104 Cerberus helpdesk",
              "refsource": "FULLDISC",
              "url": "http://marc.info/?l=full-disclosure\u0026m=113109433413298\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3502",
    "datePublished": "2005-11-05T11:00:00.000Z",
    "dateReserved": "2005-11-05T00:00:00.000Z",
    "dateUpdated": "2024-08-07T23:17:22.605Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-1962 (GCVE-0-2005-1962)

Vulnerability from cvelistv5 – Published: 2005-06-14 04:00 – Updated: 2024-08-07 22:06

Summary

Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://forum.cerberusweb.com/showthread.php?threa…	x_refsource_CONFIRM
	http://securitytracker.com/id?1014128	vdb-entryx_refsource_SECTRACK
	http://echo.or.id/adv/adv15-theday-2005.txt	x_refsource_MISC
	http://secunia.com/advisories/15641	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2005-06-07 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:06:57.763Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://forum.cerberusweb.com/showthread.php?threadid=5162\u0026goto=newpost"
          },
          {
            "name": "1014128",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014128"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://echo.or.id/adv/adv15-theday-2005.txt"
          },
          {
            "name": "15641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15641"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-06-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-01-12T10:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://forum.cerberusweb.com/showthread.php?threadid=5162\u0026goto=newpost"
        },
        {
          "name": "1014128",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014128"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://echo.or.id/adv/adv15-theday-2005.txt"
        },
        {
          "name": "15641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15641"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1962",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://forum.cerberusweb.com/showthread.php?threadid=5162\u0026goto=newpost",
              "refsource": "CONFIRM",
              "url": "http://forum.cerberusweb.com/showthread.php?threadid=5162\u0026goto=newpost"
            },
            {
              "name": "1014128",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1014128"
            },
            {
              "name": "http://echo.or.id/adv/adv15-theday-2005.txt",
              "refsource": "MISC",
              "url": "http://echo.or.id/adv/adv15-theday-2005.txt"
            },
            {
              "name": "15641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15641"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1962",
    "datePublished": "2005-06-14T04:00:00.000Z",
    "dateReserved": "2005-06-14T00:00:00.000Z",
    "dateUpdated": "2024-08-07T22:06:57.763Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-1963 (GCVE-0-2005-1963)

Vulnerability from cvelistv5 – Published: 2005-06-14 04:00 – Updated: 2024-08-07 22:06

Summary

Cerberus Helpdesk 0.97.3 allows remote attackers to obtain sensitive information via certain requests to (1) reports.php, (2) knowledgebase.php, or (3) configuration.php, which leaks the information in a PHP error message.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www.wgmdev.com/jira/browse/CERB-170	x_refsource_CONFIRM
	http://forum.cerberusweb.com/showthread.php?threa…	x_refsource_CONFIRM
	http://securitytracker.com/id?1014128	vdb-entryx_refsource_SECTRACK
	http://echo.or.id/adv/adv15-theday-2005.txt	x_refsource_MISC
	http://secunia.com/advisories/15641	third-party-advisoryx_refsource_SECUNIA

Date Public ?

2005-06-07 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:06:57.737Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.wgmdev.com/jira/browse/CERB-170"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://forum.cerberusweb.com/showthread.php?threadid=5162\u0026goto=newpost"
          },
          {
            "name": "1014128",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014128"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://echo.or.id/adv/adv15-theday-2005.txt"
          },
          {
            "name": "15641",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15641"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-06-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cerberus Helpdesk 0.97.3 allows remote attackers to obtain sensitive information via certain requests to (1) reports.php, (2) knowledgebase.php, or (3) configuration.php, which leaks the information in a PHP error message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-01-12T10:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.wgmdev.com/jira/browse/CERB-170"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://forum.cerberusweb.com/showthread.php?threadid=5162\u0026goto=newpost"
        },
        {
          "name": "1014128",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014128"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://echo.or.id/adv/adv15-theday-2005.txt"
        },
        {
          "name": "15641",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15641"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1963",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cerberus Helpdesk 0.97.3 allows remote attackers to obtain sensitive information via certain requests to (1) reports.php, (2) knowledgebase.php, or (3) configuration.php, which leaks the information in a PHP error message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.wgmdev.com/jira/browse/CERB-170",
              "refsource": "CONFIRM",
              "url": "http://www.wgmdev.com/jira/browse/CERB-170"
            },
            {
              "name": "http://forum.cerberusweb.com/showthread.php?threadid=5162\u0026goto=newpost",
              "refsource": "CONFIRM",
              "url": "http://forum.cerberusweb.com/showthread.php?threadid=5162\u0026goto=newpost"
            },
            {
              "name": "1014128",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1014128"
            },
            {
              "name": "http://echo.or.id/adv/adv15-theday-2005.txt",
              "refsource": "MISC",
              "url": "http://echo.or.id/adv/adv15-theday-2005.txt"
            },
            {
              "name": "15641",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15641"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1963",
    "datePublished": "2005-06-14T04:00:00.000Z",
    "dateReserved": "2005-06-14T00:00:00.000Z",
    "dateUpdated": "2024-08-07T22:06:57.737Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria ⓘ Use this form to refine search results. Full-text search supports keyword queries with ranking and filtering. You can combine vendor, product, and sources to narrow results. Enable “Apply ordering” to sort by date instead of relevance.

14 vulnerabilities by Cerberus

CVE-2026-6265 (GCVE-0-2026-6265)

CVE-2017-6880 (GCVE-0-2017-6880)

CVE-2008-6440 (GCVE-0-2008-6440)

CVE-2007-5930 (GCVE-0-2007-5930)

CVE-2003-1476 (GCVE-0-2003-1476)

CVE-2006-6366 (GCVE-0-2006-6366)

CVE-2006-5428 (GCVE-0-2006-5428)

CVE-2006-4539 (GCVE-0-2006-4539)

CVE-2006-0509 (GCVE-0-2006-0509)

CVE-2005-4428 (GCVE-0-2005-4428)

CVE-2005-4427 (GCVE-0-2005-4427)

CVE-2005-3502 (GCVE-0-2005-3502)

CVE-2005-1962 (GCVE-0-2005-1962)

CVE-2005-1963 (GCVE-0-2005-1963)

Search criteria ⓘ Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.