CVE-2006-6161 - Cyperaceous Grooves
Description
Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) uid parameter to (a) inout/status.asp (b) inout/update.asp and (c) forgotpass.asp. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Reference
http://www.securityfocus.com/bid/32884 http://www.vupen.com/english/advisories/2006/4704 https://exchange.xforce.ibmcloud.com/vulnerabilities/47420 https://www.exploit-db.com/exploits/7493