VID |
21670 |
Severity |
30 |
Port |
80, ... |
Protocol |
TCP |
Class |
CGI |
Detailed Description |
Kayako eSupport, a help desk support system written in PHP, contains multiple input validation vulnerabilities. Kayako eSupport 2.x is affected, and remote attackers can exploit these flaws to conduct cross-site scripting and SQL injection attacks.
1) Multiple SQL Injection Vulnerabilities: Input passed to the "subcat", "rate", "questiondetails", "ticketkey22" and "email22" parameters of the "index.php" script, and to the e-mail field of the Forgot Key feature, is not properly sanitized before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
2) A Cross-Site Scripting Vulnerability: Input passed to the "searchm" parameter of the "index.php" script is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site.
* References:
http://archives.neohapsis.com/archives/bugtraq/2004-12/0238.html
http://www.gulftech.org/?node=research&article_id=00056-12182004
http://secunia.com/advisories/13563/
* Platforms Affected:
Kayako eSupport 2.x
Any operating system, any version |
Recommendation |
No upgrade or patch was available as of August 2005.
Upgrade to the latest version of Kayako eSupport when a fixed version becomes available from the Kayako Web Solutions website at http://www.kayako.com/?_a=hms |
Related URL |
CVE-2004-1412,CVE-2004-1413 (CVE) |
Related URL |
12037 (SecurityFocus) |
Related URL |
18571,18572 (ISS) |