Unrated severityNVD Advisory· Published Nov 17, 2003· Updated Jun 16, 2026
CVE-2003-0874
CVE-2003-0874
Description
Multiple SQL injection vulnerabilities in DeskPRO 1.1.0 and earlier allow remote attackers to insert arbitrary SQL and conduct unauthorized activities via (1) the cat parameter in faq.php, (2) the article parameter in faq.php, (3) the tickedid parameter in view.php, and (4) the Password entry on the logon screen.
Affected products
2cpe:2.3:a:deskpro:deskpro:1.1_.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:deskpro:deskpro:1.1_.0:*:*:*:*:*:*:*
- (no CPE)range: <=1.1.0
Patches
Vulnerability mechanics
References
5- www.securiteam.com/unixfocus/6R0052K8KM.htmlnvdExploitVendor Advisory
- www.securityfocus.com/bid/8856nvdExploitPatchVendor Advisory
- archives.neohapsis.com/archives/vulnwatch/2003-q4/0017.htmlnvd
- marc.infonvd
- exchange.xforce.ibmcloud.com/vulnerabilities/13391nvd
News mentions
0No linked articles in our index yet.