CVE-2003-0303 Information

Description

SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0070.html http://marc.info/?l=bugtraq&m=105302025601231&w=2 http://www.securityfocus.com/bid/7609