CVE-2002-0932 Information

Description

SQL injection vulnerability in index.php for MyHelpDesk 20020509 and possibly other versions allows remote attackers to conduct unauthorized activities via SQL code in the \id\ parameter for the operations (1) detailticket (2) editticket or (3) updateticketlog.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-06/0057.html http://www.iss.net/security_center/static/9321.php http://www.securityfocus.com/bid/4971