CVE-2006-5428
published 2006-10-20CVE-2006-5428: rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote attackers to bypass the…
PriorityP425medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
2.71%
84.1th percentile
rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cerberus | cerberus_helpdesk | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Cerberus Helpdesk 3.2.1 rpc.php information disclosure (EDB-28826 / Nessus ID 22876)
vuldb·2026-04-25·CVSS 5.0
CVE-2006-5428 [MEDIUM] Cerberus Helpdesk 3.2.1 rpc.php information disclosure (EDB-28826 / Nessus ID 22876)
A vulnerability was found in Cerberus Helpdesk 3.2.1. It has been declared as problematic. Affected is an unknown function of the file rpc.php. Executing a manipulation can lead to information disclosure.
This vulnerability appears as CVE-2006-5428. The attack may be performed from remote. In addition, an exploit is available.
It is recommended to upgrade the affected component.
GHSA
GHSA-hp77-pqh3-vgwc: rpc
ghsa_unreviewed·2022-05-01
CVE-2006-5428 [MEDIUM] GHSA-hp77-pqh3-vgwc: rpc
rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request.
No detection rules found.
No writeups or analysis indexed.
http://forum.cerberusweb.com/showthread.php?t=7922http://secunia.com/advisories/22418http://www.securityfocus.com/bid/20598http://www.vupen.com/english/advisories/2006/4089https://exchange.xforce.ibmcloud.com/vulnerabilities/29655http://forum.cerberusweb.com/showthread.php?t=7922http://secunia.com/advisories/22418http://www.securityfocus.com/bid/20598http://www.vupen.com/english/advisories/2006/4089https://exchange.xforce.ibmcloud.com/vulnerabilities/29655
2006-10-20
Published