Logicnow : Security Vulnerabilities, CVEs,
SQL injection vulnerability in PerlDesk 1.x allows remote attackers to inject arbitrary SQL commands via the view parameter.
Max CVSS
7.5
EPSS Score
0.48%
Published
2005-05-02
Updated
2017-07-11
Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 (null) character in the lang parameter, which can leak portions of the requested files if a compilation error message occurs.
Max CVSS
5.0
EPSS Score
1.85%
Published
2004-09-13
Updated
2017-07-11
pdesk.cgi in PerlDesk allows remote attackers to gain sensitive information via an invalid lang parameter, which includes pathname information in an error message.
Max CVSS
5.0
EPSS Score
0.54%
Published
2004-09-12
Updated
2017-07-11
3 vulnerabilities found