CVE-2004-1413 Information

Description

Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow remote attackers to execute arbitrary SQL commands via the (1) subcat (2) rate (3) questiondetails (4) ticketkey22 (5) email22 parameters to index.php or (6) the e-mail field of the Forgot Key feature.

Reference

http://marc.info/?l=bugtraq&m=110352428607171&w=2 http://www.gulftech.org/?node=research&article_id=00056-12182004 http://www.securityfocus.com/bid/12037 https://exchange.xforce.ibmcloud.com/vulnerabilities/18572