CVE-2009-0303 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	4.3 UNKNOWN	NETWORK	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 54%

Vendor	Product	Version
webhelpdesk	web_help_desk	𝑥 ≤ 9.1.17
webhelpdesk	web_help_desk	8.0.20
webhelpdesk	web_help_desk	8.0.21
webhelpdesk	web_help_desk	8.0.22
webhelpdesk	web_help_desk	8.2.0
webhelpdesk	web_help_desk	8.2.0.1
webhelpdesk	web_help_desk	8.2.0.2
webhelpdesk	web_help_desk	8.2.0.3
webhelpdesk	web_help_desk	8.2.0.4
webhelpdesk	web_help_desk	8.2.0.5
webhelpdesk	web_help_desk	8.2.0.6
webhelpdesk	web_help_desk	8.2.0.7
webhelpdesk	web_help_desk	8.2.0.8
webhelpdesk	web_help_desk	8.2.0.9
webhelpdesk	web_help_desk	8.2.0.10
webhelpdesk	web_help_desk	8.2.1.1
webhelpdesk	web_help_desk	8.2.1.2
webhelpdesk	web_help_desk	8.2.1.3
webhelpdesk	web_help_desk	8.2.1.4
webhelpdesk	web_help_desk	8.2.1.5
webhelpdesk	web_help_desk	8.2.2
webhelpdesk	web_help_desk	8.2.3
webhelpdesk	web_help_desk	8.2.3.1
webhelpdesk	web_help_desk	8.2.3.2
webhelpdesk	web_help_desk	8.2.3.3
webhelpdesk	web_help_desk	8.2.3.4
webhelpdesk	web_help_desk	8.2.4
webhelpdesk	web_help_desk	8.2.4.1
webhelpdesk	web_help_desk	8.2.4.2
webhelpdesk	web_help_desk	8.2.4.3
webhelpdesk	web_help_desk	8.3.0.1
webhelpdesk	web_help_desk	8.3.0.2
webhelpdesk	web_help_desk	8.3.0.3
webhelpdesk	web_help_desk	8.3.0.4
webhelpdesk	web_help_desk	8.3.0.5
webhelpdesk	web_help_desk	8.3.1
webhelpdesk	web_help_desk	8.3.1.1
webhelpdesk	web_help_desk	8.3.1.2
webhelpdesk	web_help_desk	8.3.1.3
webhelpdesk	web_help_desk	8.3.2
webhelpdesk	web_help_desk	8.3.3
webhelpdesk	web_help_desk	8.3.3.1
webhelpdesk	web_help_desk	8.3.3.2
webhelpdesk	web_help_desk	8.3.3.3
webhelpdesk	web_help_desk	8.3.3.4
webhelpdesk	web_help_desk	8.3.4.0
webhelpdesk	web_help_desk	8.3.4.1
webhelpdesk	web_help_desk	8.3.4.2
webhelpdesk	web_help_desk	8.3.5.1
webhelpdesk	web_help_desk	8.3.5.2
webhelpdesk	web_help_desk	8.3.5.3
webhelpdesk	web_help_desk	8.3.5.4
webhelpdesk	web_help_desk	8.3.5.5
webhelpdesk	web_help_desk	8.3.5.6
webhelpdesk	web_help_desk	8.3.6
webhelpdesk	web_help_desk	8.3.6.1
webhelpdesk	web_help_desk	8.4.1.0
webhelpdesk	web_help_desk	8.4.1.1
webhelpdesk	web_help_desk	8.4.1.2
webhelpdesk	web_help_desk	8.4.1.3
webhelpdesk	web_help_desk	8.4.1.4
webhelpdesk	web_help_desk	8.4.1.5
webhelpdesk	web_help_desk	8.4.1.6
webhelpdesk	web_help_desk	8.4.1.7
webhelpdesk	web_help_desk	8.4.1.8
webhelpdesk	web_help_desk	8.4.1.9
webhelpdesk	web_help_desk	8.4.2.0
webhelpdesk	web_help_desk	8.4.2.1
webhelpdesk	web_help_desk	8.4.2.2
webhelpdesk	web_help_desk	8.4.2.3
webhelpdesk	web_help_desk	8.4.3.0
webhelpdesk	web_help_desk	8.4.3.1
webhelpdesk	web_help_desk	8.4.3.2
webhelpdesk	web_help_desk	8.4.3.3
webhelpdesk	web_help_desk	8.4.3.4
webhelpdesk	web_help_desk	8.4.3.5
webhelpdesk	web_help_desk	8.4.3.6
webhelpdesk	web_help_desk	8.4.3.7
webhelpdesk	web_help_desk	8.4.4
webhelpdesk	web_help_desk	8.4.5
webhelpdesk	web_help_desk	8.4.5.1
webhelpdesk	web_help_desk	8.4.5.2
webhelpdesk	web_help_desk	8.4.6.0
webhelpdesk	web_help_desk	8.4.6.1
webhelpdesk	web_help_desk	8.4.6.2
webhelpdesk	web_help_desk	8.4.6.3
webhelpdesk	web_help_desk	8.4.6.4
webhelpdesk	web_help_desk	8.4.6.5
webhelpdesk	web_help_desk	8.4.6.6
webhelpdesk	web_help_desk	8.4.6.7
webhelpdesk	web_help_desk	8.4.6.8
webhelpdesk	web_help_desk	8.4.6.10
webhelpdesk	web_help_desk	9.1.0
webhelpdesk	web_help_desk	9.1.1
webhelpdesk	web_help_desk	9.1.2
webhelpdesk	web_help_desk	9.1.4
webhelpdesk	web_help_desk	9.1.5
webhelpdesk	web_help_desk	9.1.6
webhelpdesk	web_help_desk	9.1.7
webhelpdesk	web_help_desk	9.1.8
webhelpdesk	web_help_desk	9.1.9
webhelpdesk	web_help_desk	9.1.10
webhelpdesk	web_help_desk	9.1.11
webhelpdesk	web_help_desk	9.1.12
webhelpdesk	web_help_desk	9.1.13
webhelpdesk	web_help_desk	9.1.14
webhelpdesk	web_help_desk	9.1.15
webhelpdesk	web_help_desk	9.1.16

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

http://secunia.com/advisories/33651

http://updates.webhelpdesk.com/weblog/updates/StableReleases/2009/01/23/911812309.html

http://www.securityfocus.com/bid/33429

http://secunia.com/advisories/33651

http://updates.webhelpdesk.com/weblog/updates/StableReleases/2009/01/23/911812309.html

http://www.securityfocus.com/bid/33429